Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-29 21:53:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-624: Replace hard-coded figures with xml:ids and xrefs

Browse Source
This commit is contained in:
Luke Taylor 2008-04-12 21:45:43 +00:00
parent a50c202ded
commit ca40295d7c
3 changed files with 48 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/docbkx/authorization-common.xml
View File

@ -93,21 +93,18 @@
<literal>AccessDecisionManager</literal> to control all aspects of <literal>AccessDecisionManager</literal> to control all aspects of
authorization, Spring Security includes several authorization, Spring Security includes several
<literal>AccessDecisionManager</literal> implementations that are <literal>AccessDecisionManager</literal> implementations that are
based on voting. Figure 4 illustrates the relevant classes.</para> based on voting. <xref linkend="authz-access-voting"/> illustrates the relevant classes.</para>
<figure xml:id="authz-access-voting">
<para><mediaobject> <title>Voting Decision Manager</title>
<mediaobject>
<imageobject role="fo"> <imageobject role="fo">
<imagedata align="center" fileref="resources/images/AccessDecisionVoting.gif" format="GIF"/> <imagedata align="center" fileref="resources/images/AccessDecisionVoting.gif" format="GIF"/>
</imageobject> </imageobject>
<imageobject role="html"> <imageobject role="html">
<imagedata align="center" fileref="images/AccessDecisionVoting.gif" format="GIF"/> <imagedata align="center" fileref="images/AccessDecisionVoting.gif" format="GIF"/>
</imageobject> </imageobject>
</mediaobject>
<caption> </figure>
<para>Figure 4: Voting Decision Manager</para>
</caption>
</mediaobject></para>
<para>Using this approach, a series of <para>Using this approach, a series of
<literal>AccessDecisionVoter</literal> implementations are polled on <literal>AccessDecisionVoter</literal> implementations are polled on
an authorization decision. The an authorization decision. The
@ -265,21 +262,23 @@ boolean supports(Class clazz);
several concrete implementations that integrate with its ACL several concrete implementations that integrate with its ACL
capabilities.</para> capabilities.</para>
<para>Figure 5 illustrates Spring Security's <para><xref linkend="authz-after-invocation"/> illustrates Spring Security's
<literal>AfterInvocationManager</literal> and its concrete <literal>AfterInvocationManager</literal> and its concrete
implementations.</para> implementations.
<para><mediaobject> <figure xml:id="authz-after-invocation">
<imageobject> <title>After Invocation Implementation</title>
<imagedata role="fo" align="center" fileref="resources/images/AfterInvocation.gif" format="GIF"/> <mediaobject>
<imageobject role="fo">
<imagedata align="center" fileref="resources/images/AfterInvocation.gif" format="GIF"/>
</imageobject> </imageobject>
<imageobject> <imageobject role="html">
<imagedata role="html" align="center" fileref="images/AfterInvocation.gif" format="GIF"/> <imagedata align="center" fileref="images/AfterInvocation.gif" format="GIF"/>
</imageobject> </imageobject>
<caption> </mediaobject>
<para>Figure 5: After Invocation Implementation</para>
</caption> </figure>
</mediaobject></para> </para>
<para>Like many other parts of Spring Security, <para>Like many other parts of Spring Security,
<literal>AfterInvocationManager</literal> has a single concrete <literal>AfterInvocationManager</literal> has a single concrete
@ -316,7 +315,6 @@ boolean supports(Class clazz);
<section xml:id="after-invocation-acl-aware"><info><title>ACL-Aware AfterInvocationProviders</title></info> <section xml:id="after-invocation-acl-aware"><info><title>ACL-Aware AfterInvocationProviders</title></info>
<para>PLEASE NOTE: Acegi Security 1.0.3 contains a preview of a new <para>PLEASE NOTE: Acegi Security 1.0.3 contains a preview of a new
ACL module. The new ACL module is a significant rewrite of the ACL module. The new ACL module is a significant rewrite of the
existing ACL module. The new module can be found under the existing ACL module. The new module can be found under the

42
src/docbkx/domain-acls-old.xml
View File

@ -104,21 +104,21 @@
<para>The <literal>org.springframework.security.acl</literal> package <para>The <literal>org.springframework.security.acl</literal> package
is very simple, comprising only a handful of interfaces and a single is very simple, comprising only a handful of interfaces and a single
class, as shown in Figure 6. It provides the basic foundation for class, as shown in <xref linkend="acl-manager"/>. It provides the basic foundation for
access control list (ACL) lookups.</para> access control list (ACL) lookups.
<para><mediaobject> <figure xml:id="acl-manager">
<imageobject> <title>Access Control List Manager</title>
<imagedata role="fo" align="center" fileref="resources/images/ACLSecurity.gif" format="GIF"/> <mediaobject>
<imageobject role="fo">
<imagedata align="center" fileref="resources/images/ACLSecurity.gif" format="GIF"/>
</imageobject> </imageobject>
<imageobject role="html"> <imageobject role="html">
<imagedata align="center" fileref="images/ACLSecurity.gif" format="GIF"/> <imagedata align="center" fileref="images/ACLSecurity.gif" format="GIF"/>
</imageobject> </imageobject>
</mediaobject>
<caption> </figure>
<para>Figure 6: Access Control List Manager</para> </para>
</caption>
</mediaobject></para>
<para>The central interface is <literal>AclManager</literal>, which is <para>The central interface is <literal>AclManager</literal>, which is
defined by two methods:</para> defined by two methods:</para>
@ -166,20 +166,19 @@ public AclEntry[] getAcls(java.lang.Object domainInstance, Authentication authen
implementation.</para> implementation.</para>
<para>Spring Security includes a production-quality ACL provider <para>Spring Security includes a production-quality ACL provider
implementation, which is shown in Figure 7.</para> implementation, which is shown in <xref linkend="acl-basic-mgr"/>.
<para><mediaobject> <figure xml:id="acl-basic-mgr">
<title>Basic ACL Manager</title>
<mediaobject>
<imageobject role="fo"> <imageobject role="fo">
<imagedata align="center" fileref="resources/images/BasicAclProvider.gif" format="GIF"/> <imagedata align="center" fileref="resources/images/BasicAclProvider.gif" format="GIF"/>
</imageobject> </imageobject>
<imageobject role="html"> <imageobject role="html">
<imagedata align="center" fileref="images/BasicAclProvider.gif" format="GIF"/> <imagedata align="center" fileref="images/BasicAclProvider.gif" format="GIF"/>
</imageobject> </imageobject>
</mediaobject>
<caption> </figure></para>
<para>Figure 7: Basic ACL Manager</para>
</caption>
</mediaobject></para>
<para>The implementation is based on integer masking, which is <para>The implementation is based on integer masking, which is
commonly used for ACL permissions given its flexibility and speed. commonly used for ACL permissions given its flexibility and speed.
@ -462,6 +461,8 @@ END;
<literal>GrantedAuthority</literal>[]s. Please refer to the JavaDocs <literal>GrantedAuthority</literal>[]s. Please refer to the JavaDocs
for more information.</para> for more information.</para>
<figure xml:id="acl-instantiation">
<title>ACL Instantiation Approach</title>
<mediaobject> <mediaobject>
<imageobject role="fo"> <imageobject role="fo">
<imagedata align="center" fileref="resources/images/Permissions.gif" format="GIF"/> <imagedata align="center" fileref="resources/images/Permissions.gif" format="GIF"/>
@ -469,13 +470,10 @@ END;
<imageobject role="html"> <imageobject role="html">
<imagedata align="center" fileref="images/Permissions.gif" format="GIF"/> <imagedata align="center" fileref="images/Permissions.gif" format="GIF"/>
</imageobject> </imageobject>
<caption>
<para>Figure 8: ACL Instantiation Approach</para>
</caption>
</mediaobject> </mediaobject>
</figure>
<para>The above figure explains the key relationships between objects <para><xref linkend="acl-instantiation"/> explains the key relationships between objects
in the Basic ACL package.</para> in the Basic ACL package.</para>
</section> </section>
</chapter> </chapter>

13
src/docbkx/technical-overview.xml
View File

@ -472,19 +472,20 @@ if (obj instanceof UserDetails) {
<para>Because <literal>AbstractSecurityInterceptor</literal> is the <para>Because <literal>AbstractSecurityInterceptor</literal> is the
central template class, it seems fitting that the first figure should central template class, it seems fitting that the first figure should
be devoted to it.</para> be devoted to it.
<para><mediaobject> <figure>
<title>The key "secure object" model</title>
<mediaobject>
<imageobject role="html"> <imageobject role="html">
<imagedata align="center" fileref="images/SecurityInterception.gif" format="GIF"/> <imagedata align="center" fileref="images/SecurityInterception.gif" format="GIF"/>
</imageobject> </imageobject>
<imageobject role="fo"> <imageobject role="fo">
<imagedata align="center" fileref="resources/images/SecurityInterception.gif" format="GIF"/> <imagedata align="center" fileref="resources/images/SecurityInterception.gif" format="GIF"/>
</imageobject> </imageobject>
<caption> </mediaobject>
<para>Figure 1: The key "secure object" model</para> </figure>
</caption> </para>
</mediaobject></para>
<para>Only developers contemplating an entirely new way of <para>Only developers contemplating an entirely new way of
intercepting and authorizing requests would need to use secure objects intercepting and authorizing requests would need to use secure objects