Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added info on project jars and downloads to manual

This commit is contained in:
Luke Taylor 2009-10-08 00:15:49 +00:00
parent 0e9452c17c
commit 523d5eac10
3 changed files with 140 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
docs/manual/src/docbook/community.xml
View File

@ -1,59 +1,50 @@
<chapter xmlns="http://docbook.org/ns/docbook" version="5.0"
xml:id="community"
xmlns:xlink="http://www.w3.org/1999/xlink" >
<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="community"
xmlns:xlink="http://www.w3.org/1999/xlink">
<info>
<title>Spring Security Community</title></info>
<section xml:id="jira">
<info><title>Issue Tracking</title></info>
<para>Spring Security uses JIRA to manage bug reports and enhancement
requests. If you find a bug, please log a report using JIRA. Do not
log it on the support forum, mailing list or by emailing the project's
developers. Such approaches are ad-hoc and we prefer to manage bugs
using a more formal process.</para>
<para>If possible, in your issue report please provide a JUnit test
that demonstrates any incorrect behaviour. Or, better yet, provide a
patch that corrects the issue. Similarly, enhancements are welcome to
be logged in the issue tracker, although we only accept enhancement requests
if you include corresponding unit tests. This is necessary to ensure
project test coverage is adequately maintained.</para>
<para>You can access the issue tracker at
<link xlink:href="http://jira.springframework.org/browse/SEC">http://jira.springframework.org/browse/SEC</link>.
</para>
</section>
<section xml:id="becoming-involved">
<info><title>Becoming Involved</title></info>
<para>We welcome your involvement in Spring Security project.
There are many ways of contributing, including reading the forum
and responding to questions from other people, writing new code,
improving existing code, assisting with documentation, developing
samples or tutorials, or simply making suggestions.</para>
<!-- TODO: Not currently there on SSec 2.0
<title>Spring Security Community</title>
</info>
<section xml:id="jira">
<info>
<title>Issue Tracking</title>
</info>
<para>Spring Security uses JIRA to manage bug reports and enhancement requests. If you find
a bug, please log a report using JIRA. Do not log it on the support forum, mailing list
or by emailing the project's developers. Such approaches are ad-hoc and we prefer to
manage bugs using a more formal process.</para>
<para>If possible, in your issue report please provide a JUnit test that demonstrates any
incorrect behaviour. Or, better yet, provide a patch that corrects the issue. Similarly,
enhancements are welcome to be logged in the issue tracker, although we only accept
enhancement requests if you include corresponding unit tests. This is necessary to
ensure project test coverage is adequately maintained.</para>
<para>You can access the issue tracker at <link
xlink:href="http://jira.springframework.org/browse/SEC"
>http://jira.springframework.org/browse/SEC</link>. </para>
</section>
<section xml:id="becoming-involved">
<info>
<title>Becoming Involved</title>
</info>
<para>We welcome your involvement in the Spring Security project. There are many ways of
contributing, including reading the forum and responding to questions from other people,
writing new code, improving existing code, assisting with documentation, developing
samples or tutorials, or simply making suggestions.</para>
<!-- TODO: Not currently there on SSec 2.0
<para>Please read our project policies web page that is available on
Spring Security home page. This explains the path to become a
committer, and the administration approaches we use within the
project.</para>
-->
</section>
<section xml:id="further-info">
<info><title>Further Information</title></info>
<para>Questions and comments on Spring Security are welcome. You can use the
Spring Community Forum web site at
<uri xlink:href="http://forum.springframework.org">http://forum.springframework.org</uri>
to discuss Spring Security with other users of the framework.
Remember to use JIRA for bug reports, as explained above.
Everyone is also welcome to join the Acegisecurity-developer mailing
list and participate in design discussions. The
traffic volume is very light.</para>
</section>
</chapter>
</section>
<section xml:id="further-info">
<info>
<title>Further Information</title>
</info>
<para>Questions and comments on Spring Security are welcome. You can use the Spring
Community Forum web site at <uri xlink:href="http://forum.springframework.org"
>http://forum.springsource.org</uri> to discuss Spring Security with other users of
the framework. Remember to use JIRA for bug reports, as explained above. Everyone is
also welcome to join the Acegisecurity-developer mailing list and participate in design
discussions. The traffic volume is very light.</para>
</section>
</chapter>

118
docs/manual/src/docbook/introduction.xml
View File

@ -2,7 +2,7 @@
<chapter version="5.0" xml:id="introduction" xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink">
<title>Introduction</title>
<sect1 xml:id="what-is-acegi-security">
<section xml:id="what-is-acegi-security">
<title>What is Spring Security?</title>
<para>Spring Security provides comprehensive security services for J2EE-based enterprise
software applications. There is a particular emphasis on supporting projects built using
@ -161,8 +161,8 @@
Specification web pattern security, EJB Container Managed Security and file system
security respectively. Spring Security provides deep capabilities in all of these
important areas, which we'll explore later in this reference guide.</para>
</sect1>
<sect1 xml:id="history">
</section>
<section xml:id="history">
<title>History</title>
<para>Spring Security began in late 2003 as "The Acegi Security System for Spring". A
question was posed on the Spring Developers' mailing list asking whether there had been
@ -181,7 +181,7 @@
Container Managed Security was relied upon for the authentication process, with Acegi
Security instead focusing on authorization. This was suitable at first, but as more and
more users requested additional container support, the fundamental limitation of
container-specific authentication realm interfaces was experienced. There was also a
container-specific authentication realm interfaces became clear. There was also a
related issue of adding new JARs to the container's classpath, which was a common source
of end user confusion and misconfiguration.</para>
<para>Acegi Security-specific authentication services were subsequently introduced. Around a
@ -190,13 +190,13 @@
use in numerous production software projects and many hundreds of improvements and
community contributions.</para>
<para>Acegi Security became an official Spring Portfolio project towards the end of 2007 and
was rebranded as "Spring Security".</para>
was rebranded as <quote>Spring Security</quote>.</para>
<para>Today Spring Security enjoys a strong and active open source community. There are
thousands of messages about Spring Security on the support forums. There is an active
core of developers work who work on the code itself and an active community which also
core of developers who work on the code itself and an active community which also
regularly share patches and support their peers.</para>
</sect1>
<sect1 xml:id="release-numbering">
</section>
<section xml:id="release-numbering">
<title>Release Numbering</title>
<para>It is useful to understand how Spring Security release numbers work, as it will help
you identify the effort (or lack thereof) involved in migrating to future releases of
@ -209,22 +209,88 @@
the API. MINOR versions retain source and binary compatibility with older minor
versions, and changes in the PATCH level are perfectly compatible, forwards and
backwards.</quote></para>
</sect1>
<sect1 xml:id="get-source">
<title>Getting the Source</title>
<para> Since Spring Security is an Open Source project, we'd strongly encourage you to check
out the source code using subversion. This will give you full access to all the sample
applications and you can build the most up to date version of the project easily. Having
the source for a project is also a huge help in debugging. Exception stack traces are no
longer obscure black-box issues but you can get straight to the line that's causing the
problem and work out what's happening. The source is the ultimate documentation for a
project and often the simplest place to find out how something actually works. </para>
<para> To obtain the source for the project trunk, use the following subversion command:
<programlisting>
svn checkout https://src.springframework.org/svn/spring-security/trunk/
</programlisting>
You can checkout specific versions from
<literal>https://src.springframework.org/svn/spring-security/tags/</literal>.
</para>
</sect1>
</section>
<section xml:id="get-spring-security">
<title>Getting Spring Security</title>
<para>You can get hold of Spring Security in several ways. You can download a packaged
distribution from the main Spring <link
xlink:href="http://www.springsource.com/download/community?project=Spring%20Security"
>download page</link>, download individual jars (and sample WAR files) from the
Maven Central repository (or a SpringSource Maven repository for snapshot and milestone
releases). Alternatively, you can build the project from source yourself. See the
project web site for more details. </para>
<section xml:id="modules">
<title>Project Modules</title>
<para>In Spring Security 3.0, the codebase has been sub-divided into separate jars which
more clearly separate different functionaltiy areas and third-party dependencies. If
you are using Maven to build your project, then these are the modules you will add
to your <filename>pom.xml</filename>. Even if you're not using Maven, we'd recommend
that you consult the <filename>pom.xml</filename> files to get an idea of
third-party dependencies and versions. Alternatively, a good idea is to examine the
libraries that are included in the sample applications.</para>
<section xml:id="spring-security-core">
<title>Core - <literal>spring-security-core.jar</literal></title>
<para>Contains core authentication and access-contol classes and interfaces,
remoting support and basic provisioning APIs. Required by any application which
uses Spring Security. Supports standalone applications, remote clients, method
(service layer) security and JDBC user provisioning. Contains the top-level packages:<itemizedlist><listitem><para><literal>org.springframework.security.core</literal></para></listitem><listitem><para><literal>org.springframework.security.access</literal></para></listitem><listitem><para><literal>org.springframework.security.authentication</literal></para></listitem><listitem><para><literal>org.springframework.security.provisioning</literal></para></listitem><listitem><para><literal>org.springframework.security.remoting</literal></para></listitem></itemizedlist></para>
</section>
<section xml:id="spring-security-web">
<title>Web - <literal>spring-security-web.jar</literal></title>
<para>Contains filters and related web-security infrastructure code. Anything with a
servlet API dependency. You'll need it if you require Spring Security web
authentication services and URL-based access-control. The main package is
<literal>org.springframework.security.web</literal>.</para>
</section>
<section xml:id="spring-security-config">
<title>Config - <literal>spring-security-config.jar</literal></title>
<para>Contains the security namespace parsing code (and hence nothing that you are
likely yo use directly in your application). You need it if you are using the
Spring Security XML namespace for configuration. The main package is
<literal>org.springframework.security.config</literal>.</para>
</section>
<section xml:id="spring-security-ldap">
<title>LDAP - <literal>spring-security-ldap.jar</literal></title>
<para>LDAP authentication and provisioning code. Required if you need to use LDAP
authentication or manage LDAP user entries. The top-level package is
<literal>org.springframework.security.ldap</literal>.</para>
</section>
<section xml:id="spring-security-acl">
<title>ACL - <literal>spring-security-acl.jar</literal></title>
<para>Specialized domain object ACL implementation. Used to apply security to
specific domain object instances within your application. The top-level package
is <literal>org.springframework.security.acls</literal>.</para>
</section>
<section xml:id="spring-security-cas">
<title>CAS - <literal>spring-security-cas-client.jar</literal></title>
<para>Spring Security's CAS client integration. If you want to use Spring Security
web authentication with a CAS single sign-on server. The top-level package is
<literal>org.springframework.security.cas</literal>.</para>
</section>
<section xml:id="spring-security-openid">
<title>OpenID - <literal>spring-security-openid.jar</literal></title>
<para>OpenID web authentication support. Used to authenticate users against an
external OpenID server. <literal>org.springframework.security.openid</literal>.
Requires OpenID4Java.</para>
</section>
</section>
<section xml:id="get-source">
<title>Checking out the Source</title>
<para> Since Spring Security is an Open Source project, we'd strongly encourage you to
check out the source code using subversion. This will give you full access to all
the sample applications and you can build the most up to date version of the project
easily. Having the source for a project is also a huge help in debugging. Exception
stack traces are no longer obscure black-box issues but you can get straight to the
line that's causing the problem and work out what's happening. The source is the
ultimate documentation for a project and often the simplest place to find out how
something actually works. </para>
<para> To obtain the source for the project trunk, use the following subversion command:
<programlisting>
svn checkout https://src.springframework.org/svn/spring-security/trunk/
</programlisting>
You can checkout specific versions from
<literal>https://src.springframework.org/svn/spring-security/tags/</literal>.
</para>
</section>
</section>
</chapter>

7
docs/manual/src/docbook/springsecurity.xml
View File

@ -76,7 +76,10 @@
approach where you have to wire up all the implementation classes individually. </para>
<para> We'll also take a look at the sample applications that are available. It's worth trying
to run these and experimenting with them a bit even before you read the later sections - you
can dip back into them as your understanding of the framework increases. </para>
can dip back into them as your understanding of the framework increases. Please also check
out the <link xlink:href="http://static.springsource.org/spring-security/site/index.html">project website</link> as
it has useful information on building the project, plus links to articles, videos and tutorials.
</para>
</partintro>
<xi:include href="introduction.xml"/>
<xi:include href="namespace-config.xml"/>
@ -112,7 +115,7 @@
<xi:include href="core-filters.xml"/>
<xi:include href="basic-and-digest-auth.xml"/>
<xi:include href="remember-me-authentication.xml"/>
<xi:include href="concurrent-sessions.xml"/>
<xi:include href="session-mgmt.xml"/>
<xi:include href="anon-auth-provider.xml"/>
</part>
<!--