[jboss-cvs] jboss-seam/doc/reference/en/modules ...
Shane Bryzak
Shane_Bryzak at symantec.com
Wed Feb 14 08:15:15 EST 2007
User: sbryzak2
Date: 07/02/14 08:15:15
Modified: doc/reference/en/modules security.xml
Log:
Updated to describe simplified and advanced modes
Revision Changes Path
1.39 +57 -3 jboss-seam/doc/reference/en/modules/security.xml
(In the diff below, changes in quantity of whitespace are not shown.)
Index: security.xml
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/doc/reference/en/modules/security.xml,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -b -r1.38 -r1.39
--- security.xml 14 Feb 2007 07:59:09 -0000 1.38
+++ security.xml 14 Feb 2007 13:15:15 -0000 1.39
@@ -7,11 +7,51 @@
</para>
<sect1>
+ <title>Overview</title>
+
+ <para>
+ Seam Security provides two different modes of operation:
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ <emphasis>simplified mode</emphasis> - this mode supports authentication services
+ and simple role-based security checks.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <emphasis>advanced mode</emphasis> - this mode supports all the same features as the simplified mode,
+ plus it offers rule-based security checks using JBoss Rules.
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <sect2>
+ <title>Which mode is right for my application?</title>
+
+ <para>
+ That all depends on the requirements of your application. If you have minimal security requirements, for example
+ if you only wish to restrict certain pages and actions to users who are logged in, or who belong to a certain role,
+ then the simplified mode will probably be sufficient. The advantages of this is a more simplified configuration,
+ significantly less libraries to include, and a smaller memory footprint.
+ </para>
+
+ <para>
+ If on the other hand, your application requires security checks based on contextual state or complex business rules,
+ then you will require the features provided by the advanced mode.
+ </para>
+ </sect2>
+ </sect1>
+
+ <sect1>
<title>Requirements</title>
<para>
- The following jar files are required to be configured as modules in <literal>application.xml</literal> to use
- Seam Security:
+ If using the advanced mode features of Seam Security, the following jar files are required to be configured as modules in
+ <literal>application.xml</literal>. If you are using Seam Security in simplified mode, these are <emphasis>not</emphasis>
+ required:
</para>
<itemizedlist>
@@ -92,6 +132,17 @@
</components>]]></programlisting>
<para>
+ If you wish to use the advanced security features such as rule-based permission checks, you must instead
+ configure the identity like this:
+ </para>
+
+ <programlisting><![CDATA[
+
+ <security:drools-identity authenticate-method="#{authenticator.authenticate}"/>
+
+</components>]]></programlisting>
+
+ <para>
The EL expression <literal>#{authenticator.authenticate}</literal> is a method binding indicating that
the <literal>authenticate</literal> method of the <literal>authenticator</literal> component will be used
to authenticate the user.
@@ -348,7 +399,10 @@
<para>
There are a number of authorization features provided by the Seam Security API for securing access to
- components, component methods, and pages. This section describes each of these.
+ components, component methods, and pages. This section describes each of these. An important thing to
+ note is that if you wish to use any of the advanced features (such as rule-based permissions) then
+ your <literal>components.xml</literal> must be configured to support this - see the Configuration section
+ above.
</para>
<sect2>
More information about the jboss-cvs-commits
mailing list