[seam-commits] Seam SVN: r11669 - tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Tue Nov 24 02:35:44 EST 2009
Author: laubai
Date: 2009-11-24 02:35:44 -0500 (Tue, 24 Nov 2009)
New Revision: 11669
Modified:
tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml
Log:
Edited Security chapter.
Modified: tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml
===================================================================
--- tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml 2009-11-24 07:14:11 UTC (rev 11668)
+++ tags/JBPAPP_4_3_CP07_FP_CR1a/doc/Seam_Reference_Guide/en-US/Security.xml 2009-11-24 07:35:44 UTC (rev 11669)
@@ -41,7 +41,7 @@
</para>
<para>
- If on the other hand, your application requires security checks based on contextual state or complex business rules,
+ If, on the other hand, your application requires security checks based on contextual state or complex business rules,
then you will require the features provided by the advanced mode.
</para>
</section>
@@ -112,7 +112,7 @@
<para>
The authentication features provided by Seam Security are built upon JAAS (Java Authentication and Authorization Service),
and as such provide a robust and highly configurable API for handling user authentication. However, for less complex
- authentication requirements Seam offers a much more simplified method of authentication that hides the complexity of JAAS.
+ authentication requirements Seam offers a simpler authentication method that hides the complexity of JAAS.
</para>
<section>
@@ -324,7 +324,7 @@
<para>
To prevent users from receiving the default error page in response to a security error, it's recommended that
- <literal>pages.xml</literal> is configured to redirect security errors to a more "pretty" page. The two
+ <literal>pages.xml</literal> is configured to redirect security errors to a more attractive page. The two
main types of exceptions thrown by the security API are:
</para>
@@ -394,8 +394,8 @@
</pages>]]></programlisting>
<para>
- (This is less of a blunt instrument than the exception handler shown above, but should
- probably be used in conjunction with it.)
+ This is more refined than the previous exception handler, but should
+ probably be used in conjunction with it.
</para>
<para>
@@ -1045,8 +1045,7 @@
<para>
So how does the security API know whether a user has the <literal>customer:modify</literal> permission
- for a specific customer? Seam Security provides quite a novel method for determining user permissions,
- based on JBoss Rules. A couple of the advantages of using a rule engine are 1) a centralized location
+ for a specific customer? Seam Security determines permissions based on JBoss Rules. Some advantages of using a rule engine are 1) a centralized location
for the business logic that is behind each user permission, and 2) speed - JBoss Rules uses very efficient
algorithms for evaluating large numbers of complex rules involving multiple conditions.
</para>
@@ -1146,9 +1145,9 @@
<programlisting><![CDATA[c: PermissionCheck(name == "customer", action == "delete")]]></programlisting>
<para>
- In plain english, this condition is stating that there must exist a <literal>PermissionCheck</literal> object
+ This condition specifies that a <literal>PermissionCheck</literal> object
with a <literal>name</literal> property equal to "customer", and an <literal>action</literal> property equal
- to "delete" within the working memory.
+ to "delete" must exist within the working memory.
</para>
<para>
More information about the seam-commits
mailing list