Minor corrections to namespace chapter. Fixed image paths for pdf version

2025-07-12 21:33:30 +00:00 · 2008-04-09 23:35:29 +00:00 · 2008-04-09 23:35:29 +00:00 · 10e6ed20cf
commit 10e6ed20cf
parent 6de01e0079
5 changed files with 65 additions and 49 deletions
--- a/src/docbkx/authorization-common.xml
+++ b/src/docbkx/authorization-common.xml
@ -95,6 +95,9 @@ public boolean supports(Class clazz);</programlisting></para>
    based on voting. Figure 4 illustrates the relevant classes.</para>
    <para><mediaobject>
        <imageobject role="fo">
          <imagedata align="center" fileref="resources/images/AccessDecisionVoting.gif" format="GIF"/>
        </imageobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/AccessDecisionVoting.gif" format="GIF"/>
        </imageobject>
@ -266,7 +269,10 @@ public boolean supports(Class clazz);</programlisting></para>
    <para><mediaobject>
        <imageobject>
-          <imagedata align="center" fileref="images/AfterInvocation.gif" format="GIF"/>
+          <imagedata role="fo" align="center" fileref="resources/images/AfterInvocation.gif" format="GIF"/>
        </imageobject>
        <imageobject>
          <imagedata role="html" align="center" fileref="images/AfterInvocation.gif" format="GIF"/>
        </imageobject>
        <caption>
--- a/src/docbkx/domain-acls-old.xml
+++ b/src/docbkx/domain-acls-old.xml
@ -108,6 +108,9 @@
    access control list (ACL) lookups.</para>
    <para><mediaobject>
        <imageobject>
          <imagedata role="fo" align="center" fileref="resources/images/ACLSecurity.gif" format="GIF"/>
        </imageobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/ACLSecurity.gif" format="GIF"/>
        </imageobject>
@ -166,6 +169,9 @@ public AclEntry[] getAcls(java.lang.Object domainInstance, Authentication authen
    implementation, which is shown in Figure 7.</para>
    <para><mediaobject>
        <imageobject role="fo">
          <imagedata align="center" fileref="resources/images/BasicAclProvider.gif" format="GIF"/>
        </imageobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/BasicAclProvider.gif" format="GIF"/>
        </imageobject>
@ -457,6 +463,9 @@ END;
    for more information.</para>
    <mediaobject>
      <imageobject role="fo">
        <imagedata align="center" fileref="resources/images/Permissions.gif" format="GIF"/>
      </imageobject>
      <imageobject role="html">
        <imagedata align="center" fileref="images/Permissions.gif" format="GIF"/>
      </imageobject>
--- a/src/docbkx/namespace-config.xml
+++ b/src/docbkx/namespace-config.xml
@ -23,7 +23,7 @@
  <security:ldap-server />
 ]]></programlisting>
      This is much simpler than wiring up the equivalent Apache Directory Server beans. The most
-      common alterative configuration requirements are supported by attributes on the
+      common alternative configuration requirements are supported by attributes on the
      <literal>ldap-server</literal>
      element and the user is isolated from worrying about which beans they need to be set on and
      what the bean property names are.
@ -126,7 +126,7 @@
    <section>
      <info><title><literal>web.xml</literal> Configuration</title></info>
      <para>
-       The first thing you need to do is add the following fiter declaration to your
+       The first thing you need to do is add the following filter declaration to your
      <literal>web.xml</literal>
      file:
      <programlisting>
@ -196,7 +196,7 @@
      </para>
      <para>
        At this point you should be able to start up your application and you will be required to
-        log in to proceed. Try it out, or try experimenting with the "tutorial" sample applicaition
+        log in to proceed. Try it out, or try experimenting with the "tutorial" sample application
        that comes with the project. The above configuration actually adds quite a few services to
        the application because we have used the
        <literal>auto-config</literal>
@ -222,19 +222,23 @@
  </http>
  ]]>
          </programlisting>
-         These other elements are responsible for setting up form-login,  see 
+         These other elements are responsible for setting up form-login, 
          <link xlink:href="#anonymous">anonymous authentication</link>, basic authentication, logout handling and remember-me services
          respectively. They each have attributes which can be used to alter their behaviour. For example, if you
          want to supply your own login page, you could use:
          <programlisting><![CDATA[
  <http auto-config='true'>
    <intercept-url pattern="/login.jsp*" filters="none"/>  
    <intercept-url pattern="/**" access="ROLE_USER" />
    <form-login login-page='/login.jsp'/>
  </http>
  ]]>
          </programlisting>
          Note that you can still use <literal>auto-config</literal>. The <literal>form-login</literal> element just overrides the 
-          default settings. If you want to use basic authentication instead of form login, then change the configuration to
+          default settings. Also note that we've added an extra <literal>intercept-url</literal> element to say that any requests
          for the login page should be excluded from processing by the security filters. Otherwise the request would be matched by
          the pattern <literal>/**</literal> and it wouldn't be possible to access the login page itself!
          If you want to use basic authentication instead of form login, then change the configuration to
          <programlisting><![CDATA[
  <http auto-config='true'>
    <intercept-url pattern="/**" access="ROLE_USER" />
@ -247,34 +251,35 @@
          through a login form embedded in another web page.
        </para>
      </section>
-      <section>
+    </section>
-        <title>Configuring other Authentication Providers</title>
+    <section>
-        <para>
+      <title>Configuring other Authentication Providers</title>
-          In practice you will need a more scalable source of user information than a few names added to the context file.
+      <para>
-          Most likely you will want to store your user information in something like a database or an LDAP server. LDAP namespace
+        In practice you will need a more scalable source of user information than a few names added to the context file.
-          configuration is dealt with in the <link xlink:href="#ldap">LDAP chapter</link>, so we won't cover it here. If you have a
+        Most likely you will want to store your user information in something like a database or an LDAP server. LDAP namespace
-          custom implementation of Spring Security's <classname>UserDetailsService</classname>, called "myUserDetailsService" in your
+        configuration is dealt with in the <link xlink:href="#ldap">LDAP chapter</link>, so we won't cover it here. If you have a
-          application context, then you can authenticate against this using
+        custom implementation of Spring Security's <classname>UserDetailsService</classname>, called "myUserDetailsService" in your
-          <programlisting><![CDATA[
+        application context, then you can authenticate against this using
        <programlisting><![CDATA[
  <authentication-provider user-service-ref='myUserDetailsService'/>
  ]]>
-          </programlisting>
+        </programlisting>
-          If you want to use a database, then you can use 
+        If you want to use a database, then you can use 
-          <programlisting><![CDATA[
+        <programlisting><![CDATA[
  <authentication-provider>
    <jdbc-user-service data-source-ref="securityDataSource"/>
  </authentication-provider>
  ]]>
-          </programlisting>
+        </programlisting>
-          Where "securityDataSource" is the name of a <classname>DataSource</classname> bean in the application context,
+        Where "securityDataSource" is the name of a <classname>DataSource</classname> bean in the application context,
-          pointing at a database containing the standard Spring Security user data tables. Alternatively, you could configure
+        pointing at a database containing the standard Spring Security user data tables. Alternatively, you could configure
-          a Spring Security <classname>JdbcDaoImpl</classname> bean and point at that using the <literal>user-service-ref</literal>
+        a Spring Security <classname>JdbcDaoImpl</classname> bean and point at that using the <literal>user-service-ref</literal>
-          attribute.
+        attribute.
-        </para>
+      </para>
-        <section><title>Adding a Password Encoder</title>
+      <section><title>Adding a Password Encoder</title>
        <para>
-          Often your password data will be encoded using a hashing algorithm. This is supported by the <literal>&gt;password-encoder&lt;</literal>
+          Often your password data will be encoded using a hashing algorithm. This is supported by the <literal>&lt;password-encoder&gt;</literal>
-          element. With SHA-encoded passwords, the original authentication provider configuration would look like this: 
+          element. With SHA encoded passwords, the original authentication provider configuration would look like this: 
          <programlisting><![CDATA[
  <authentication-provider>
    <password-encoder hash="sha"/>
@ -286,22 +291,20 @@
  ]]>
          </programlisting> 
        </para>
-          <para>
+        <para>
-            When using hashed passwords, it's also a good idea to use a salt value to protect against dictionary attacks and Spring Security supports this too.
+          When using hashed passwords, it's also a good idea to use a salt value to protect against dictionary attacks and Spring Security supports this too.
-            Ideally you would want to use a randomly generated salt value for each user, but you can use any property of the <classname>UserDetails</classname>
+          Ideally you would want to use a randomly generated salt value for each user, but you can use any property of the <classname>UserDetails</classname>
-            object which is loaded by your <classname>UserDetailsService</classname>. For example, to use the <literal>username</literal> property, you would use
+          object which is loaded by your <classname>UserDetailsService</classname>. For example, to use the <literal>username</literal> property, you would use
-            <programlisting><![CDATA[
+          <programlisting><![CDATA[
    <password-encoder hash="sha">
      <salt-source user-property="username"/>
    </password-encoder>
    ]]></programlisting>
-            You can use a custom password ecoder bean by using the <literal>ref</literal> attribute of <literal>password-encoder</literal>. This should
+          You can use a custom password encoder bean by using the <literal>ref</literal> attribute of <literal>password-encoder</literal>. This should
-            contain the name of a bean in the application context which is an instance of Spring Security's <interfacename>PasswordEncoder</interfacename>
+          contain the name of a bean in the application context which is an instance of Spring Security's <interfacename>PasswordEncoder</interfacename>
-            interface.
+          interface.
-          </para>
+        </para>
        </section>
      </section>
    </section>
  </section>
 </chapter>
--- a/src/docbkx/springsecurity.xml
+++ b/src/docbkx/springsecurity.xml
@ -84,16 +84,18 @@
  <part xml:id="getting-started">
    <title>Getting Started</title>
    <partintro>
-    <para>The remaining parts of this guide provide an in-depth discussion of the
+    <para>The later parts of this guide provide an in-depth discussion of the
      framework architecture and implementation classes, an understanding of which is important
      if you need to do any serious customization. In this part, we take a slightly
      gentler look at how to get started using some of the features of Spring Security 2.0.
-      The use of namespace configuration provides a much simpler path to securing
+      In particular, the use of namespace configuration provides a much simpler path to securing
      your application with little or no knowledge of the classes involved, unlike the traditional
      Spring bean approach which required you to configure large numbers of beans.
    </para>
    </partintro>
    <xi:include href="introduction.xml" />    
    <xi:include href="namespace-config.xml" />
  </part>
@ -109,8 +111,6 @@
      are necessary to successfully planning and executing a Spring Security
      integration.</para>
    </partintro>
    <xi:include href="introduction.xml" />
    <xi:include href="technical-overview.xml" />
--- a/src/docbkx/technical-overview.xml
+++ b/src/docbkx/technical-overview.xml
@ -1,8 +1,8 @@
-<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="technical-overview"><info><title>Technical Overview</title></info>
+<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="technical-overview">
  <info><title>Technical Overview</title></info>
-
+  <section xml:id="runtime-environment">
-  <section xml:id="runtime-environment"><info><title>Runtime Environment</title></info>
+    <info><title>Runtime Environment</title></info>
    <para>Spring Security is written to execute within a standard Java 1.4
    Runtime Environment. It also supports Java 5.0, although the Java
@ -477,11 +477,9 @@ String username = obj.toString();
        <imageobject role="html">
          <imagedata align="center" fileref="images/SecurityInterception.gif" format="GIF"/>
        </imageobject>
        <imageobject role="fo">
-          <imagedata align="center" fileref="images/SecurityInterception.gif" format="GIF"/>
+          <imagedata align="center" fileref="resources/images/SecurityInterception.gif" format="GIF"/>
        </imageobject>
        <caption>
          <para>Figure 1: The key "secure object" model</para>
        </caption>