[seam-issues] [JBoss JIRA] (SEAMSECURITY-118) Seam Security documentation issues and comments
Marek Schmidt (Created) (JIRA)
jira-events at lists.jboss.org
Fri Oct 14 07:47:18 EDT 2011
Seam Security documentation issues and comments
-----------------------------------------------
Key: SEAMSECURITY-118
URL: https://issues.jboss.org/browse/SEAMSECURITY-118
Project: Seam Security
Issue Type: Bug
Affects Versions: 3.1.0.Beta3
Reporter: Marek Schmidt
Fix For: 3.1.0.Final
Security
1.2.1. Maven Dependencies
* "<seam.version>3.0.0.Final</seam.version>" should be changed to 3.1.0.Final
* "<artifactId>seam-security-impl</artifactId>" is no longer valud, should be seam-security (only if the suggested seam version "seam.version" is changed to e.g. 3.1.0.Final in the docs)
2.3. Which Authenticator will Seam use?
* "Seam Config" should be something like "Solder XML Config" instead, mentioned twice
3.4.3. Applying the binding to your business methods
* "Seam Catch" should be something like "Solder Exception Handling" instead
4.2.4. Credential
* the example of IdentityObjectCredential should probably contain annotations on "IdentityObject identityObject;" for clarity (as the getter is omitted)
(e.g. @ManyToOne @JoinColumn(name = "IDENTITY_OBJECT_ID")
5.2.2.1. Using OpenID as your only authentication method
* "Seam Config" should be something like "Solder XML Config" instead
* "<security:Identity>" should be "<security:IdentityImpl>"
* "<security:authenticatorClass>org.jboss.seam.security.external.openid.OpenIdAuthenticator</security:authenticator>" is invalid XML (end tag doesn't match)
5.2.4. Managing the OpenID authentication process
* "The API described in this section will likely be changed in a future version of Seam to allow for easier handling of the OpenID authentication lifecycle."
is this still true?
* "The above example assumes that the Seam Servlet module is used to allow injection of the ServletContext."
this note can probably be removed, as Servlet is now in Solder, or changed to reflect that Solder is now responsible for this.
Missing Pieces
# anything from org.jboss.seam.security.annotations.permission and org.jboss.seam.security.permission (Identifier, Permission, SecuredView...) is not documented
(is it supposed to be working yet?)
# package org.jboss.seam.security.annotations.rememberme (TokenValue, TokenUsername) is not documented (should it be removed?)
# security events are not documented (all events from org.jboss.seam.security.events except DeferredAuthenticationEvent, which is mentioned in an OpenID example)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list