You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by md...@apache.org on 2014/05/07 18:31:05 UTC
svn commit: r1593062 - in /jackrabbit/oak/branches/1.0: ./ oak-doc/
oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
oak-doc/src/site/markdown/security/principal.md
oak-doc/src/site/markdown/security/principal/differences.md
Author: mduerig
Date: Wed May 7 16:31:05 2014
New Revision: 1593062
URL: http://svn.apache.org/r1593062
Log:
OAK-301: Document Oak
Merged r1592809
Modified:
jackrabbit/oak/branches/1.0/ (props changed)
jackrabbit/oak/branches/1.0/oak-doc/ (props changed)
jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal.md
jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal/differences.md
Propchange: jackrabbit/oak/branches/1.0/
------------------------------------------------------------------------------
Merged /jackrabbit/oak/trunk:r1592809
Propchange: jackrabbit/oak/branches/1.0/oak-doc/
------------------------------------------------------------------------------
Merged /jackrabbit/oak/trunk/oak-doc:r1592809
Modified: jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md?rev=1593062&r1=1593061&r2=1593062&view=diff
==============================================================================
--- jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md (original)
+++ jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md Wed May 7 16:31:05 2014
@@ -22,4 +22,9 @@ _todo_
- TokenProvider
-- TokenInfo
\ No newline at end of file
+- TokenInfo
+
+
+### Custom TokenProvider
+
+_todo_
\ No newline at end of file
Modified: jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal.md
URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal.md?rev=1593062&r1=1593061&r2=1593062&view=diff
==============================================================================
--- jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal.md (original)
+++ jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal.md Wed May 7 16:31:05 2014
@@ -18,8 +18,50 @@
Principal Management
--------------------------------------------------------------------------------
-_TODO_
+### Characteristics of the Principal Management Implementation
-### Differences wrt Jackrabbit 2.x
+The default implementation of the principal management API basically corresponds
+to the default in Jackrabbit 2.x and is based on the user management implementation.
+Note however, that as of Oak only a single principal provider is exposed on the
+SPI level (used to be multiple principal providers with the LoginModule configuration
+in Jackrabbit 2.x). See the configuration section below for details.
-see the corresponding [documentation](principal/differences.html).
\ No newline at end of file
+#### Differences wrt Jackrabbit 2.x
+
+See the corresponding [documentation](principal/differences.html).
+
+### API Extensions
+
+- [PrincipalProvider]: SPI level access to principals known to the repository
+which is also used by the default implementation of the `PrincipalManager` interface.
+This interface replaces the internal `PrincipalProvider` interface present in
+Jackrabbit 2.x. Note, that principals from different sources can be supported by
+using [CompositePrincipalProvider] or a similar implementation that proxies
+different sources.
+
+##### Special Principals
+- [AdminPrincipal]: Marker interface to identify the principal associated with administrative user(s).
+- [EveryonePrincipal]: built-in group principal implementation that has every other valid principal as member.
+- [SystemPrincipal]: built-in principal implementation to mark system internal subjects.
+
+### Configuration
+
+The [PrincipalConfiguration] is the Oak level entry point to obtain a new
+[PrincipalManager] or [PrincipalProvider] as well as principal related configuration
+options. The default implementation of the [PrincipalManager] interface is based
+on Oak API and can equally be used for privilege related tasks in the Oak layer.
+
+Note, that in contrast to Jackrabbit 2.x the system may only have one single principal
+provider implementation configured. In order to combine principals from different
+sources a implementation that properly handles the different sources is required;
+the [CompositePrincipalProvider] is an example that combines multiple implementations.
+
+<!-- references -->
+
+[PrincipalManager]: http://svn.apache.org/repos/asf/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/principal/PrincipalManager.java
+[PrincipalProvider]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.html
+[CompositePrincipalProvider]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.html
+[AdminPrincipal]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.html
+[EveryonePrincipal]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipal.html
+[SystemPrincipal]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/SystemPrincipal.html
+[PrincipalConfiguration]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/PrincipalConfiguration.html
Modified: jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal/differences.md
URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal/differences.md?rev=1593062&r1=1593061&r2=1593062&view=diff
==============================================================================
--- jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal/differences.md (original)
+++ jackrabbit/oak/branches/1.0/oak-doc/src/site/markdown/security/principal/differences.md Wed May 7 16:31:05 2014
@@ -16,46 +16,31 @@
-->
### Principal Management : Differences wrt Jackrabbit 2.x
-#### 1. Characteristics of the Principal Management Implementation
+#### Replacement for internal Jackrabbit interfaces and classes
-The default implementation of the principal management API basically corresponds
-to the default in Jackrabbit 2.x and is based on the user management implementation.
-Note however, that as of OAK only a single principal provider is exposed on the
-SPI level (used to be multiple principal providers with the LoginModule configuration
-in Jackrabbit 2.x). See the configuration section below for details.
+As of Oak 1.0 the following interfaces and class that were internal to Jackrabbit
+have been made part of public API exposed by Oak:
-#### 2. API Extensions
-
-- `PrincipalProvider` [0]: SPI level access to principals known to the repository
-which is also used by the default implementation of the `PrincipalManager` interface.
-This interface replaces the internal PrincipalProvider interface present in
-Jackrabbit 2.x. Note, that principals from different sources can be supported by
-using `CompositePrincipalProvider` [1] or a similar implementation that proxies
-different sources.
-
-##### Special Principals
-- `AdminPrincipal`: Marker interface to identify the principal associated with administrative user(s) [2].
-- `EveryonePrincipal`: built-in group principal implementation that has every other valid principal as member [3].
-- `SystemPrincipal`: built-in principal implementation to mark system internal subjects [4].
-
-#### 3. Configuration
-
-##### PrincipalConfiguration [5]:
-- `getPrincipalManager` -> returns a new instance of o.a.j.api.security.principal.PrincipalManager [6] (see also `JackrabbitSession#getPrincipalManager()`
-- `getPrincipalProvider` -> returns a new instance of principal provider. Note, that in contrast to Jackrabbit 2.x the system may only have one single principal provider implementation configured. In order to combine principals from different sources a implementation that properly handles the different sources is required; the `CompositePrincipalProvider` [1] is an example that combines multiple implementations.
-
-#### 4. References
-
-[0] http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
-
-[1] http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
-
-[2] http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.java
-
-[3] http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipal.java
-
-[4] http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/SystemPrincipal.java
-
-[5] http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalConfiguration.java
-
-[6] http://svn.apache.org/repos/asf/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/principal/PrincipalManager.java
\ No newline at end of file
+- [org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider]: corresponds to o.a.j.core.security.principal.PrincipalProvider
+- [org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal]: corresponds to o.a.j.core.security.principal.AdminPrincipal
+- [org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal]: corresponds to o.a.j.core.security.principal.EveryonePrincipal
+- [org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal]: corresponds to o.a.j.core.security.SystemPrincipal
+
+#### Combine principals from different sources
+
+In contrast to Jackrabbit 2.x Oak only deals with a single `PrincipalProvider`. In
+order to combine principals from different sources a implementation that properly
+handles the different sources is required; the [CompositePrincipalProvider] is an
+example that combines multiple implementations.
+
+NOTE: see [OAK-1798] for an improvement to ease pluggability of custom `PrincipalProvider`
+implementations.
+
+<!-- references -->
+
+[org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider]: http://svn.apache.org/repos/asf/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/principal/PrincipalManager.java
+[CompositePrincipalProvider]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.html
+[org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/AdminPrincipal.html
+[org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipal.html
+[org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal]: /oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/SystemPrincipal.html
+[OAK-1798]: https://issues.apache.org/jira/browse/OAK-1798