Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor doc updates

This commit is contained in:
Luke Taylor 2008-05-28 13:38:33 +00:00
parent d63536cc0d
commit 87ba871605
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/docbkx/common-auth-services.xml
View File

@ -6,13 +6,13 @@
<title>Mechanisms, Providers and Entry Points</title>
</info>
<para>If you're using Spring Security-provided authentication
approaches, you'll usually need to configure a web filter, together
<para>To use Spring Security's authentication services,
you'll usually need to configure a web filter, together
with an <literal>AuthenticationProvider</literal> and
<literal>AuthenticationEntryPoint</literal>. In this section we are
going to explore an example application that needs to support both
form-based authentication (ie so a nice HTML page is presented to a
user for them to login) plus BASIC authentication (ie so a web service
form-based authentication (so a nice HTML page is presented to a
user for them to login) and BASIC authentication (so a web service
or similar can access protected resources).</para>
<para>In the web.xml, this application will need a single Spring
@ -236,7 +236,9 @@
<literal>UserDetailsService</literal> interfaces. The contract for
this latter interface consists of a single method:</para>
<para><programlisting>public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException;</programlisting></para>
<para><programlisting>
UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException;
</programlisting></para>
<para>The returned <literal>UserDetails</literal> is an interface that
provides getters that guarantee non-null provision of basic
@ -245,7 +247,7 @@
authentication providers will use a
<literal>UserDetailsService</literal>, even if the username and
password are not actually used as part of the authentication decision.
Generally such provider will be using the returned
Generally such providers will be using the returned
<literal>UserDetails</literal> object just for its
<literal>GrantedAuthority[]</literal> information, because some other
system (like LDAP or X509 or CAS etc) has undertaken the