JavaDoc corrections.

2025-07-30 06:03:32 +00:00 · 2006-05-29 15:06:32 +00:00 · 2006-05-29 15:06:32 +00:00 · b7a579f27a
commit b7a579f27a
parent a6ef43d827
21 changed files with 41 additions and 86 deletions
--- a/core/src/main/java/org/acegisecurity/Authentication.java
+++ b/core/src/main/java/org/acegisecurity/Authentication.java
@ -29,8 +29,7 @@ import java.security.Principal;
 * </p>
 * 
 * <p>
- * Stored in a request {@link
+ * Stored in a request {@link org.acegisecurity.context.SecurityContext}.
 * org.acegisecurity.context.security.SecurityContext}.
 * </p>
 *
 * @author Ben Alex
--- a/core/src/main/java/org/acegisecurity/concurrent/ConcurrentSessionController.java
+++ b/core/src/main/java/org/acegisecurity/concurrent/ConcurrentSessionController.java
@ -47,7 +47,7 @@ public interface ConcurrentSessionController {
    /**
     * Called by an <code>AuthenticationManager</code> when the authentication was successful. An
     * implementation is expected to register the authenticated user in some sort of registry, for future concurrent
-     * tracking via the {@link #checkConcurrentAuthentication(Authentication)} method.
+     * tracking via the {@link #checkAuthenticationAllowed(Authentication)} method.
     *
     * @param authentication the successfully authenticated user (never <code>null</code>)
     */
--- a/core/src/main/java/org/acegisecurity/concurrent/SessionRegistry.java
+++ b/core/src/main/java/org/acegisecurity/concurrent/SessionRegistry.java
@ -27,7 +27,7 @@ public interface SessionRegistry {
    /**
     * Obtains all the known principals in the <code>SessionRegistry</code>.
     *
-     * @return each of the unique principals, which can then be presented to {@link #getAllSessions(Object)}.
+     * @return each of the unique principals, which can then be presented to {@link #getAllSessions(Object, boolean)}.
     */
    public Object[] getAllPrincipals();
--- a/core/src/main/java/org/acegisecurity/event/authentication/InteractiveAuthenticationSuccessEvent.java
+++ b/core/src/main/java/org/acegisecurity/event/authentication/InteractiveAuthenticationSuccessEvent.java
@ -46,7 +46,7 @@ public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticatio
     * Getter for the <code>Class</code> that generated this event. This can be useful for generating
     * additional logging information.
     *
-     * @return
+     * @return the class
     */
    public Class getGeneratedBy() {
        return generatedBy;
--- a/core/src/main/java/org/acegisecurity/intercept/package.html
+++ b/core/src/main/java/org/acegisecurity/intercept/package.html
@ -8,17 +8,17 @@ secured, but instead refers to some infrastructure object that can have
 security facilities provided for it by the Acegi Security System for
 Spring. For example, one secure object would be
 <code>MethodInvocation</code>, whilst another would be HTTP {@link
-net.sf.acegisecurity.intercept.web.FilterInvocation}. Note these are
+org.acegisecurity.intercept.web.FilterInvocation}. Note these are
 infrastructure objects and their design allows them to represent a large
 variety of actual resources that might need to be secured, such as business
 objects or HTTP request URLs.
 </p>
 <P>Each secure object typically has its 
-own <code>net.sf.acegisecurity.intercept</code> package.
+own <code>org.acegisecurity.intercept</code> package.
 Each package usually includes a concrete security interceptor (which
-subclasses {@link net.sf.acegisecurity.intercept.AbstractSecurityInterceptor},
+subclasses {@link org.acegisecurity.intercept.AbstractSecurityInterceptor},
-an appropriate {@link net.sf.acegisecurity.intercept.ObjectDefinitionSource}
+an appropriate {@link org.acegisecurity.intercept.ObjectDefinitionSource}
 for the type of resources the secure object represents, and a property editor
 to populate the <code>ObjectDefinitionSource</code>.
--- a/core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java
+++ b/core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java
@ -27,9 +27,10 @@ import java.lang.reflect.Method;
 /**
- * Obtains a salt from a specified property of the {@link User} object.<P>This allows you to subclass
+ * Obtains a salt from a specified property of the {@link org.acegisecurity.userdetails.User} object.<P>This allows
- * <code>User</code> and provide an additional bean getter for a salt. You should use a synthetic value that does not
+ * you to subclass <code>User</code> and provide an additional bean getter for a salt. You should use a synthetic
- * change, such as a database primary key.  Do not use <code>username</code> if it is likely to change.</p>
+ * value that does not change, such as a database primary key.  Do not use <code>username</code> if it is likely to
 * change.</p>
 *
 * @author Ben Alex
 * @version $Id$
--- a/core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java
+++ b/core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java
@ -24,8 +24,8 @@ import org.springframework.beans.factory.InitializingBean;
 /**
 * Uses a static system-wide <code>String</code> as the salt.<P>Does not supply a different salt for each {@link
- * User}. This means users sharing the same password will still have the same digested password. Of benefit is the
+ * org.acegisecurity.userdetails.User}. This means users sharing the same password will still have the same digested
- * digested passwords will at least be more protected than if stored without any salt.</p>
+ * password. Of benefit is the digested passwords will at least be more protected than if stored without any salt.</p>
 *
 * @author Ben Alex
 * @version $Id$
--- a/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationProvider.java
@ -37,8 +37,8 @@ import org.springframework.util.Assert;
 /**
 * An {@link AuthenticationProvider} implementation that validates {@link
 * org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken}s.<p>To be successfully validated, the
- * {@link{@link org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken#getKeyHash()} must match this
+ * {@link org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken#getKeyHash()} must match this class'
- * class' {@link #getKey()}.</p>
+ * {@link #getKey()}.</p>
 */
 public class RememberMeAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
    //~ Static fields/initializers =====================================================================================
--- a/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java
+++ b/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java
@ -36,9 +36,9 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken {
    //~ Constructors ===================================================================================================
-/**
+    /**
-     * Used for an authentication request.  The {@link
+     * Used for an authentication request.  The {@link org.acegisecurity.Authentication#isAuthenticated()} will return
-     * Authentication#isAuthenticated()} will return <code>false</code>.
+     * <code>false</code>.
     *
     * @param credentials the certificate
     */
@ -47,9 +47,9 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken {
        this.credentials = credentials;
    }
-/**
+    /**
-     * Used for an authentication response object. The {@link
+     * Used for an authentication response object. The {@link Authentication#isAuthenticated()}
-     * Authentication#isAuthenticated()} will return <code>true</code>.
+     * will return <code>true</code>.
     *
     * @param principal the principal, which is generally a
     *        <code>UserDetails</code>
--- a/core/src/main/java/org/acegisecurity/securechannel/ChannelDecisionManager.java
+++ b/core/src/main/java/org/acegisecurity/securechannel/ChannelDecisionManager.java
@ -28,12 +28,6 @@ import javax.servlet.ServletException;
 /**
 * Decides whether a web channel provides sufficient security.
 * 
 * <P>
 * If necessary due to the nature of the redirection, implementations should
 * store the original destination of the request in {@link
 * org.acegisecurity.ui.AbstractProcessingFilter#ACEGI_SECURITY_TARGET_URL_KEY}.
 * </p>
 *
 * @author Ben Alex
 * @version $Id$
 */
--- a/core/src/main/java/org/acegisecurity/taglibs/velocity/Authz.java
+++ b/core/src/main/java/org/acegisecurity/taglibs/velocity/Authz.java
@ -73,7 +73,7 @@ public interface Authz {
    /**
     * return true if the principal holds either permission specified for the provided domain object<P>Only
-     * works with permissions that are subclasses of {@link net.sf.acegisecurity.acl.basic.AbstractBasicAclEntry}.</p>
+     * works with permissions that are subclasses of {@link org.acegisecurity.acl.basic.AbstractBasicAclEntry}.</p>
     *  <p>For this class to operate it must be able to access the application context via the
     * <code>WebApplicationContextUtils</code> and locate an {@link AclManager}.</p>
     *
--- a/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java
@ -33,8 +33,8 @@ import javax.servlet.http.HttpServletResponse;
 * Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
 * BasicProcessingFilter}.<P>Once a user agent is authenticated using BASIC authentication, logout requires that
 * the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call
- * the {@link #commence(ServletRequest, ServletResponse)} method below. This will indicate to the browser its
+ * the {@link #commence(ServletRequest, ServletResponse, AuthenticationException)} method below. This will indicate to
- * credentials are no longer authorized, causing it to prompt the user to login again.</p>
+ * the browser its credentials are no longer authorized, causing it to prompt the user to login again.</p>
 *
 * @author Ben Alex
 * @version $Id$
--- a/core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
+++ b/core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
@ -71,7 +71,7 @@ import javax.servlet.http.HttpServletResponse;
 *  <p>This is a basic remember-me implementation which is suitable for many applications. However, we recommend a
 * database-based implementation if you require a more secure remember-me approach.</p>
 *  <p>By default the tokens will be valid for 14 days from the last successful authentication attempt. This can be
- * changed using {@link #setTokenValiditySeconds(int)}.</p>
+ * changed using {@link #setTokenValiditySeconds(long)}.</p>
 *
 * @author Ben Alex
 * @version $Id$
--- a/core/src/main/java/org/acegisecurity/ui/session/HttpSessionEventPublisher.java
+++ b/core/src/main/java/org/acegisecurity/ui/session/HttpSessionEventPublisher.java
@ -58,8 +58,7 @@ public class HttpSessionEventPublisher implements HttpSessionListener, ServletCo
    public void contextDestroyed(ServletContextEvent event) {}
    /**
-     * Handled internally by a call to {@link
+     * Handled internally by a call to {@link WebApplicationContextUtils#getWebApplicationContext(javax.servlet.ServletContext)}.
     * org.springframework.web.appContext.support.WebApplicationContextUtils#getRequiredWebApplicationContext(javax.servlet.ServletContext)}
     *
     * @param event the ServletContextEvent passed in by the container, event.getServletContext() will be used to get
     *        the WebApplicationContext
--- a/core/src/main/java/org/acegisecurity/userdetails/User.java
+++ b/core/src/main/java/org/acegisecurity/userdetails/User.java
@ -42,8 +42,7 @@ public class User implements UserDetails {
    //~ Constructors ===================================================================================================
 /**
-     * Construct the <code>User</code> with the details required by {@link
+     * Construct the <code>User</code> with the details required by {@link org.acegisecurity.providers.dao.DaoAuthenticationProvider}.
     * DaoAuthenticationProvider}.
     *
     * @param username the username presented to the
     *        <code>DaoAuthenticationProvider</code>
@ -67,8 +66,7 @@ public class User implements UserDetails {
    }
 /**
-     * Construct the <code>User</code> with the details required by {@link
+     * Construct the <code>User</code> with the details required by {@link org.acegisecurity.providers.dao.DaoAuthenticationProvider}.
     * DaoAuthenticationProvider}.
     *
     * @param username the username presented to the
     *        <code>DaoAuthenticationProvider</code>
@ -97,8 +95,7 @@ public class User implements UserDetails {
    }
 /**
-     * Construct the <code>User</code> with the details required by {@link
+     * Construct the <code>User</code> with the details required by {@link org.acegisecurity.providers.dao.DaoAuthenticationProvider}.
     * DaoAuthenticationProvider}.
     *
     * @param username the username presented to the
     *        <code>DaoAuthenticationProvider</code>
--- a/core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java
+++ b/core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java
@ -171,8 +171,8 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
    }
    /**
-     * If <code>true</code> (the default), indicates the {@link #getUsersByUsernameMapping()} returns a
+     * If <code>true</code> (the default), indicates the {@link #getUsersByUsernameQuery()} returns a username
-     * username in response to a query. If <code>false</code>, indicates that a primary key is used instead. If set to
+     * in response to a query. If <code>false</code>, indicates that a primary key is used instead. If set to
     * <code>true</code>, the class will use the database-derived username in the returned <code>UserDetails</code>.
     * If <code>false</code>, the class will use the {@link #loadUserByUsername(String)} derived username in the
     * returned <code>UserDetails</code>.
--- a/core/src/main/java/org/acegisecurity/util/FilterChainProxy.java
+++ b/core/src/main/java/org/acegisecurity/util/FilterChainProxy.java
@ -51,9 +51,9 @@ import javax.servlet.ServletResponse;
 /**
 * Delegates <code>Filter</code> requests to a list of Spring-managed beans.<p>The <code>FilterChainProxy</code> is
 * loaded via a standard {@link org.acegisecurity.util.FilterToBeanProxy} declaration in <code>web.xml</code>.
- * <code>FilterChainProxy</code> will then pass {@link #init(FilterConfig)}, {@link #destroy()}, {@link #doInit()} and
+ * <code>FilterChainProxy</code> will then pass {@link #init(FilterConfig)}, {@link #destroy()} and {@link
- * {@link #doFilter(ServletRequest, ServletResponse, FilterChain)} invocations through to each <code>Filter</code>
+ * #doFilter(ServletRequest, ServletResponse, FilterChain)} invocations through to each <code>Filter</code> defined
- * defined against <code>FilterChainProxy</code>.</p>
+ * against <code>FilterChainProxy</code>.</p>
 *  <p><code>FilterChainProxy</code> is configured using a standard {@link
 * org.acegisecurity.intercept.web.FilterInvocationDefinitionSource}. Each possible URI pattern that
 * <code>FilterChainProxy</code> should service must be entered. The first matching URI pattern located by
--- a/core/src/main/java/org/acegisecurity/vote/AbstractAclVoter.java
+++ b/core/src/main/java/org/acegisecurity/vote/AbstractAclVoter.java
@ -16,9 +16,7 @@
 package org.acegisecurity.vote;
 import org.acegisecurity.AuthorizationServiceException;
 import org.acegisecurity.ConfigAttribute;
 import org.acegisecurity.acl.AclEntry;
 import org.acegisecurity.acl.AclManager;
 import org.aopalliance.intercept.MethodInvocation;
@ -32,40 +30,6 @@ import org.springframework.util.Assert;
 /**
 * <p>Given a domain object instance passed as a method argument, ensures the principal has appropriate permission
 * as defined by the {@link AclManager}.</p>
 *  <p>The <code>AclManager</code> is used to retrieve the access control list (ACL) permissions associated with a
 * domain object instance for the current <code>Authentication</code> object. This class is designed to process {@link
 * AclEntry}s that are subclasses of {@link org.acegisecurity.acl.basic.BasicAclEntry} only. Generally these are
 * obtained by using the {@link org.acegisecurity.acl.basic.BasicAclProvider}.</p>
 *  <p>The voter will vote if any  {@link ConfigAttribute#getAttribute()} matches the {@link
 * #processConfigAttribute}. The provider will then locate the first method argument of type {@link
 * #processDomainObjectClass}. Assuming that method argument is non-null, the provider will then lookup the ACLs from
 * the <code>AclManager</code> and ensure the principal is {@link
 * org.acegisecurity.acl.basic.BasicAclEntry#isPermitted(int)} for at least one of the {@link #requirePermission}s.</p>
 *  <p>If the method argument is <code>null</code>, the voter will abstain from voting. If the method argument
 * could not be found, an {@link org.acegisecurity.AuthorizationServiceException} will be thrown.</p>
 *  <p>In practical terms users will typically setup a number of <code>BasicAclEntryVoter</code>s. Each will have a
 * different {@link #processDomainObjectClass}, {@link #processConfigAttribute} and {@link #requirePermission}
 * combination. For example, a small application might employ the following instances of
 * <code>BasicAclEntryVoter</code>:
 *  <ul>
 *      <li>Process domain object class <code>BankAccount</code>, configuration attribute
 *      <code>VOTE_ACL_BANK_ACCONT_READ</code>, require permission <code>SimpleAclEntry.READ</code></li>
 *      <li>Process domain object class <code>BankAccount</code>, configuration attribute
 *      <code>VOTE_ACL_BANK_ACCOUNT_WRITE</code>, require permission list <code>SimpleAclEntry.WRITE</code> and
 *      <code>SimpleAclEntry.CREATE</code> (allowing the principal to have <b>either</b> of these two permissions</li>
 *      <li>Process domain object class <code>Customer</code>, configuration attribute
 *      <code>VOTE_ACL_CUSTOMER_READ</code>, require permission <code>SimpleAclEntry.READ</code></li>
 *      <li>Process domain object class <code>Customer</code>, configuration attribute
 *      <code>VOTE_ACL_CUSTOMER_WRITE</code>, require permission list <code>SimpleAclEntry.WRITE</code> and
 *      <code>SimpleAclEntry.CREATE</code></li>
 *  </ul>
 *  Alternatively, you could have used a common superclass or interface for the {@link #processDomainObjectClass}
 * if both <code>BankAccount</code> and <code>Customer</code> had common parents.</p>
 *  <p>If the principal does not have sufficient permissions, the voter will vote to deny access.</p>
 *  <p>The <code>AclManager</code> is allowed to return any implementations of <code>AclEntry</code> it wishes.
 * However, this provider will only be able to validate against <code>AbstractBasicAclEntry</code>s, and thus a vote
 * to deny access will be made if no <code>AclEntry</code> is of type <code>AbstractBasicAclEntry</code>.</p>
 *  <p>All comparisons and prefixes are case sensitive.</p>
 *
 * @author Ben Alex
 * @version $Id$
--- a/core/src/main/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestWrapper.java
+++ b/core/src/main/java/org/acegisecurity/wrapper/SecurityContextHolderAwareRequestWrapper.java
@ -120,9 +120,10 @@ public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequest
    }
    /**
-     * Simple searches for an exactly matching {@link GrantedAuthority#getAuthority()}.<p>Will always return
+     * Simple searches for an exactly matching {@link org.acegisecurity.GrantedAuthority#getAuthority()}.<p>Will
-     * <code>false</code> if the <code>SecurityContextHolder</code> contains an <code>Authentication</code> with
+     * always return <code>false</code> if the <code>SecurityContextHolder</code> contains an
-     * <code>null</code><code>principal</code> and/or <code>GrantedAuthority[]</code> objects.</p>
+     * <code>Authentication</code> with <code>null</code><code>principal</code> and/or <code>GrantedAuthority[]</code>
     * objects.</p>
     *
     * @param role the <code>GrantedAuthority</code><code>String</code> representation to check for
     *
--- a/doc/deploy.bat
+++ b/doc/deploy.bat
@ -2,4 +2,4 @@ set MAVEN_OPTS=-Xmx768m -XX:MaxPermSize=512m
 call maven -Dmaven.jar.override=on -Dmaven.jar.clover-ant=1.3.3_01 clean
 call maven -Dmaven.jar.override=on -Dmaven.jar.clover-ant=1.3.3_01 multiproject:clean
 call maven -Dmaven.jar.override=on -Dmaven.jar.clover-ant=1.3.3_01 multiproject:artifact
-call maven -X -Dmaven.jar.override=on -Dmaven.jar.clover-ant=1.3.3_01 multiproject:site
+call maven -Dmaven.jar.override=on -Dmaven.jar.clover-ant=1.3.3_01 multiproject:site
--- a/project.properties
+++ b/project.properties
@ -16,7 +16,7 @@ maven.compile.source=1.3
 #signature.storepass=
 #signature.keystore=
-maven.javadoc.links=http://java.sun.com/j2se/1.5.0/docs/api/,http://www.springframework.org/docs/api/,http://jakarta.apache.org/commons/lang/api/index.html,http://developer.ja-sig.org/projects/cas/multiproject/cas-server/apidocs/index.html,http://jakarta.apache.org/commons/codec/apidocs/index.html,http://jakarta.apache.org/commons/collections/api/,http://jakarta.apache.org/commons/logging/apidocs/index.html,http://tomcat.apache.org/tomcat-5.0-doc/servletapi/index.html
+maven.javadoc.links=http://java.sun.com/j2se/1.5.0/docs/api/,http://www.springframework.org/docs/api/,http://jakarta.apache.org/commons/lang/api/,http://developer.ja-sig.org/projects/cas/multiproject/cas-server/apidocs/,http://jakarta.apache.org/commons/codec/apidocs/,http://jakarta.apache.org/commons/collections/api/,http://jakarta.apache.org/commons/logging/apidocs/,http://tomcat.apache.org/tomcat-5.0-doc/servletapi/
 maven.repo.remote=http://www.ibiblio.org/maven,http://acegisecurity.sourceforge.net/maven,http://svn.apache.org/repository/