Author: laubai Date: 2009-11-24 02:35:44 -0500 (Tue, 24 Nov 2009) New Revision: 11669 Modified: tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml Log: Edited Security chapter. Modified: tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml =================================================================== --- tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml 2009-11-24 07:14:11 UTC (rev 11668) +++ tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml 2009-11-24 07:35:44 UTC (rev 11669) @@ -41,7 +41,7 @@ </para> <para> - If on the other hand, your application requires security checks based on contextual state or complex business rules, + If, on the other hand, your application requires security checks based on contextual state or complex business rules, then you will require the features provided by the advanced mode. </para> </section> @@ -112,7 +112,7 @@ <para> The authentication features provided by Seam Security are built upon JAAS (Java Authentication and Authorization Service), and as such provide a robust and highly configurable API for handling user authentication. However, for less complex - authentication requirements Seam offers a much more simplified method of authentication that hides the complexity of JAAS. + authentication requirements Seam offers a simpler authentication method that hides the complexity of JAAS. </para> <section> @@ -324,7 +324,7 @@ <para> To prevent users from receiving the default error page in response to a security error, it's recommended that - <literal>pages.xml</literal> is configured to redirect security errors to a more "pretty" page. The two + <literal>pages.xml</literal> is configured to redirect security errors to a more attractive page. The two main types of exceptions thrown by the security API are: </para> @@ -394,8 +394,8 @@ </pages>]]></programlisting> <para> - (This is less of a blunt instrument than the exception handler shown above, but should - probably be used in conjunction with it.) + This is more refined than the previous exception handler, but should + probably be used in conjunction with it. </para> <para> @@ -1045,8 +1045,7 @@ <para> So how does the security API know whether a user has the <literal>customer:modify</literal> permission - for a specific customer? Seam Security provides quite a novel method for determining user permissions, - based on JBoss Rules. A couple of the advantages of using a rule engine are 1) a centralized location + for a specific customer? Seam Security determines permissions based on JBoss Rules. Some advantages of using a rule engine are 1) a centralized location for the business logic that is behind each user permission, and 2) speed - JBoss Rules uses very efficient algorithms for evaluating large numbers of complex rules involving multiple conditions. </para> @@ -1146,9 +1145,9 @@ <programlisting><![CDATA[c: PermissionCheck(name == "customer", action == "delete")]]></programlisting> <para> - In plain english, this condition is stating that there must exist a <literal>PermissionCheck</literal> object + This condition specifies that a <literal>PermissionCheck</literal> object with a <literal>name</literal> property equal to "customer", and an <literal>action</literal> property equal - to "delete" within the working memory. + to "delete" must exist within the working memory. </para> <para>