Author: laubai
Date: 2009-11-24 02:35:44 -0500 (Tue, 24 Nov 2009)
New Revision: 11669
Modified:
tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml
Log:
Edited Security chapter.
Modified: tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml
===================================================================
--- tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml 2009-11-24
07:14:11 UTC (rev 11668)
+++ tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml 2009-11-24
07:35:44 UTC (rev 11669)
@@ -41,7 +41,7 @@
</para>
<para>
- If on the other hand, your application requires security checks based on
contextual state or complex business rules,
+ If, on the other hand, your application requires security checks based on
contextual state or complex business rules,
then you will require the features provided by the advanced mode.
</para>
</section>
@@ -112,7 +112,7 @@
<para>
The authentication features provided by Seam Security are built upon JAAS (Java
Authentication and Authorization Service),
and as such provide a robust and highly configurable API for handling user
authentication. However, for less complex
- authentication requirements Seam offers a much more simplified method of
authentication that hides the complexity of JAAS.
+ authentication requirements Seam offers a simpler authentication method that hides
the complexity of JAAS.
</para>
<section>
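Review bot: In the rewritten sentence "However, for less complex authentication requirements Seam offers a simpler authentication method", the introductory phrase still runs into the main clause without a comma. Suggest "However, for less complex authentication requirements, Seam offers a simpler authentication method that hides the complexity of JAAS.", which matches the comma fix this commit makes to "If, on the other hand," in the first hunk.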
@@ -324,7 +324,7 @@
<para>
To prevent users from receiving the default error page in response to a security
error, it's recommended that
- <literal>pages.xml</literal> is configured to redirect security
errors to a more "pretty" page. The two
+ <literal>pages.xml</literal> is configured to redirect security
errors to a more attractive page. The two
main types of exceptions thrown by the security API are:
</para>
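Review bot: "a more attractive page" in the added line still describes appearance, while the sentence's stated purpose is to keep users from receiving the default error page after a security error. Suggest saying what the page is, for example "redirect security errors to a custom error page". Since the sentence is being edited anyway, "it's recommended that pages.xml is configured" could become a direct instruction such as "configure pages.xml to redirect security errors".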
@@ -394,8 +394,8 @@
</pages>]]></programlisting>
<para>
- (This is less of a blunt instrument than the exception handler shown above, but
should
- probably be used in conjunction with it.)
+ This is more refined than the previous exception handler, but should
+ probably be used in conjunction with it.
</para>
<para>
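Review bot: The added sentence "This is more refined than the previous exception handler, but should probably be used in conjunction with it." leaves "This" without a named subject, and "should probably" does not tell the reader whether both mechanisms need to be configured. Suggest naming the element defined in the listing that closes just above, and stating the recommendation without the hedge, for example "Use it in conjunction with the exception handler shown above."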
@@ -1045,8 +1045,7 @@
<para>
So how does the security API know whether a user has the
<literal>customer:modify</literal> permission
- for a specific customer? Seam Security provides quite a novel method for
determining user permissions,
- based on JBoss Rules. A couple of the advantages of using a rule engine are 1) a
centralized location
+ for a specific customer? Seam Security determines permissions based on JBoss
Rules. Some advantages of using a rule engine are 1) a centralized location
for the business logic that is behind each user permission, and 2) speed - JBoss
Rules uses very efficient
algorithms for evaluating large numbers of complex rules involving multiple
conditions.
</para>
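Review bot: The rewritten sentence keeps the inline enumeration "1) a centralized location ... and 2) speed - JBoss Rules uses very efficient algorithms", with a spaced hyphen standing in for a dash in the second item. Suggest moving the two advantages into a list, or splitting them into two sentences, so the reasoning for each is easier to scan. The shortened "Seam Security determines permissions based on JBoss Rules." answers the question in the preceding sentence more directly than the old wording did.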
@@ -1146,9 +1145,9 @@
<programlisting><![CDATA[c: PermissionCheck(name == "customer",
action == "delete")]]></programlisting>
<para>
- In plain english, this condition is stating that there must exist a
<literal>PermissionCheck</literal> object
+ This condition specifies that a <literal>PermissionCheck</literal>
object
with a <literal>name</literal> property equal to
"customer", and an <literal>action</literal> property equal
- to "delete" within the working memory.
+ to "delete" must exist within the working memory.
</para>
<para>
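Review bot: In the rewritten description of the condition, the property names name and action are wrapped in literal markup, but the values "customer" and "delete" are only quoted, although they are copied from the programlisting directly above. Suggest marking the two values as literals as well so the prose matches the listing. Moving "must exist" to sit next to "within the working memory" reads well.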