directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu (JIRA)" <directory-...@incubator.apache.org>
Subject [jira] Commented: (DIR-179) User Documentation Update
Date Sat, 25 Feb 2006 20:54:55 GMT
    [ http://issues.apache.org/jira/browse/DIR-179?page=comments#action_12367780 ] 

Alex Karasulu commented on DIR-179:
-----------------------------------

Darn Ole scratch my comments earlier.  All these xdocs are generated.  The XML is generated
from the confluence docs that are on safehaus.  Take a look here:

http://docs.safehaus.org/display/APACHEDS/User%27s+Guide

I forgot to tell you this :(.  Man I'm mixing things up.  I'll take care of this then ...
meaning no need to do more with it ... I will update the stuff in confluence to generate this
properly by reading your patch and applying it to confluence manually.  Sorry for the complexity
and the confusion.

I'll take it from here on.

Thanks,
Alex


> User Documentation Update
> -------------------------
>
>          Key: DIR-179
>          URL: http://issues.apache.org/jira/browse/DIR-179
>      Project: Directory
>         Type: Task
>   Components: sitedocs
>  Environment: N/A
>     Reporter: Ole Ersoy
>     Assignee: Alex Karasulu
>     Priority: Minor

>
> Updates to the user documentation.  The subversion patch is pasted below.
> Index: /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml	(working copy)
> @@ -206,8 +206,8 @@
>          <p>
>  The authenticator class has to extend the
>  org.apache.ldap.server.auth.AbstractAuthenticator. This class needs to have a
> -no-argument constructor that calls the super() constructor with parameter the
> -authentication mechanism it is going to handle. In the above example,
> +no-argument constructor that calls the super() constructor with the authentication parameter
the mechanism is
> +going to handle.  In the above example,
>  MyAuthenticator class is going to handle the simple authentication mechanism. To
>  implement a SASL mechanism you need to call super() with the name of the SASL
>  mechanism, e.g. super( "DIGEST-MD5"
> Index: /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml	(working copy)
> @@ -36,7 +36,7 @@
>        <subsection heading="h3" name="Entry ACI">
>          <p>
>  Entry ACI are access controls added to entries to protect that entry
> -specifically. Meaning the protoected entry is the entry where the ACI resides.
> +specifically. Meaning the protected entry is the entry where the ACI resides.
>  When performing an operation on an entry, ApacheDS checks for the presence of
>  the multivalued operational attribute, *entryACI*. The values of the entryACI
>  attribute contain
> @@ -116,7 +116,7 @@
>  Access to subentries also needs to be controlled. Subentries are special in
>  ApacheDS. Although they subordinate to an administrative entry (entry of an
>  Administrative Point), they are technically considered to be in the same context
> -as their administrative entry. ApacheDS considers the perscriptive ACI applied
> +as their administrative entry. ApacheDS considers the prescriptive ACI applied
>  to the administrative entry, to also apply to its
>  subentries.</p>
>          <p>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/collective.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/collective.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/collective.xml	(working copy)
> @@ -30,7 +30,7 @@
>  collective attribute can be used in a subentry. Changes to the value of this
>  attribute would immediately be reflected to those entries selected by the
>  subtreeSpecification of subentry. For more information on specifying subtrees
> -take
> +take a look at
>  at
>            <a href="./subentries.html">Subentries</a>
>  .
> Index: /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml	(working copy)
> @@ -52,7 +52,7 @@
>  schemas&gt;)</li>
>            <li>
>  contextPartitionConfigurations - A collection of ContextPartitionConfigurations.
> -ContextPartitionConfiguration specified ContextPartitions that consist the
> +ContextPartitionConfiguration specified ContextPartitions that define the the
>  ApacheDS DIT. (Default: no context partitions except system
>  partition)</li>
>            <li>
> @@ -129,7 +129,7 @@
>      <section heading="h1" name="Using Spring Framework">
>        <p>
>  The configuration API is designed to fit tightly
> -with
> +with the
>          <a href="http://www.springframework.org/">Spring Framework</a>
>  . Here is an example beans xml
>  file:
> Index: /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml	(working copy)
> @@ -137,7 +137,7 @@
>  </source>
>        <p>
>  There are several parameters to this simple ACIItem.  Here's a breif
> -exaplanation of each field and it's meaning or
> +explanation of each field and it's meaning or
>  significance.</p>
>        <table>
>          <tr>
> @@ -191,7 +191,7 @@
>        </table>
>        <subsection heading="h2" name="identificationTag">
>          <p>
> -The identificationTag is just that a tag.  It's often used with a subtring
> +The identificationTag is just a tag that is used often with a subtring
>  search filter to lookup a specific ACIItem within an entry.  One or more
>  ACIItems may be present within a subentry, zero or more in entries, so this
>  serves as a means to address the ACIItem within
> @@ -199,7 +199,7 @@
>        </subsection>
>        <subsection heading="h2" name="precedence">
>          <p>
> -Precendence is used to determine the ACI to apply when two or more ACIItem's
> +Precedence is used to determine the ACI to apply when two or more ACIItem's
>  applied to an entry conflict.  The ACIItem with the highest precedence is
>  applied over other conflicting
>  ACIItems.</p>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/index.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/index.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/index.xml	(working copy)
> @@ -9,7 +9,7 @@
>      <section heading="h1" name="User's Guide">
>        <p>
>  This is a simple guide to various ApacheDS features to help users get going. 
> -It's be no means
> +It's by no means
>  extensive.</p>
>        <table>
>          <tr>
> @@ -83,7 +83,7 @@
>              <a href="./plugin.html">Plugin</a>
>            </td>
>            <td>
> -How to use the plugin to extends the
> +How to use the plugin to extend the
>  schema.</td>
>          </tr>
>        </table>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml	(working copy)
> @@ -133,8 +133,8 @@
>  on
>              <a href="http://www.prevayler.org/wiki.jsp">Prevayler</a>
>  . This is like an in-memory partition but you can save it at the end of the day.
> -This might be really useful especially for things the system partition which
> -almost always need to be in memory. The system partition can do this by using
> +This might be really useful for things like the system partition which
> +almost always needs to be in memory. The system partition can do this by using
>  really large caches equal to the number of entries in the system
>  partition.
>            </li>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml	(working copy)
> @@ -9,7 +9,7 @@
>      <section heading="h2" name="Introduction">
>        <p>
>  Subentries are used for managing the administration of different aspects of the
> -directory.  LDAP has just recently formalized the notion of subentires
> +directory.  LDAP has just recently formalized the notion of subentries
>  in
>          <a href="http://www.faqs.org/rfcs/rfc3672.html">RFC 3672</a>
>  .  Subentries have existed within X.500 Directories for years with clear
> @@ -87,7 +87,7 @@
>  Presume you're the uber directory administrator over at WallyWorld (a Walmart
>  competitor). Let's say WallyWorld uses their corporate directory for various
>  things including their product catalog. As the uber admin you're going to have a
> -bunch of people wanting access, update and even administer your directory.
> +bunch of people wanting the ability to access, update and administer the directory.
>  Entire departments within WallyWorld are going to want to control different
>  parts of the directory. Sales may want to manage the product catalog, while
>  operations may want to manage information in other areas dealing with suppliers
> @@ -117,7 +117,7 @@
>  Do you really want to manage the corporate product catalog or just let the sales
>  department manage it? But what do we mean by manage? You want sales people to
>  create, and delete entries but they may only trust a few people to do this.
> -Others may just view the catelog. Who are the people with add/remove powers and
> +Others may just view the catalog. Who are the people with add/remove powers and
>  why should you have to be involved with deciding this ever changing departmental
>  policy? Instead you can delegate the management of access controls in this area
>  to a administrative contact in the sales department. The sales contact can then
> @@ -125,7 +125,7 @@
>  sales than you are and they probably have more bandwidth to handle sales related
>  needs than you do. Delegating authority in this fashion is what X.500 engineers
>  pioneered in the early 80's with the telecom boom in Europe. They knew different
> -authorities will want to manage different aspects of directory administration
> +authorities would want to manage different aspects of directory administration
>  for themselves. These X.500 definitions are there to be able to talk about
>  administrative areas within the directory. Now let's get back to what these
>  things are
> @@ -137,7 +137,7 @@
>  have a partition hanging off of *'dc=example,dc=com'* with an *'ou=product
>  catalog'* area. You may want this area to be managed by the sales department
>  with respect to the content, schema, it's visibility, and collective attributes.
> -Perhaps you only want to delegate only one aspect of administration , access
> +Perhaps you only want to delegate one aspect of administration, access
>  control, since you don't want people messing around with schema. To do so you
>  can define everything under *'ou=product catalog'* to be an administrative area
>  specifically for access control and delegate that aspect only. In that case the
> Index: /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml	(working copy)
> @@ -63,9 +63,8 @@
>        </table>
>        <p>
>  These are pretty intuitive. Two other user classes may be a bit less easy to
> -understand or may require some explanation. For these we discuss them in the
> -sections
> -below.</p>
> +understand or may require some explanation. These are discussed in the the following
sections.
> +</p>
>      </section>
>      <section heading="h2" name="User Class: userGroup">
>        <p>
> @@ -141,7 +140,7 @@
>  There is no reason to specify allUsers more than once. More than one type of
>  user class mechanism can be used as well. Again some combinations just will not
>  make sense like having a name based userClass then allUsers. The following
> -ACIItem grants delete abilities to a set of users using more than one machanism.
> +ACIItem grants delete abilities to a set of users using more than one mechanism.
>  It allows jbean, jdoe, all users in the Administrators group to delete entries.
>  It also allows requestors to delete their own user
>  entry.</p>
> Here's a change list I created manuallly (It contains things I did not update, but thought
was in need of 
> clarification...):
> Users Guide
>      - http://directory.apache.org/subprojects/apacheds/docs/users/index.html
>      
>      -------------------------------------------------------------------------
>      "be" >> "by" in "be no means extensive"
>      -------------------------------------------------------------------------
>      extends >> extend in "Using Maven to extends the Schema"
>      -------------------------------------------------------------------------     
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/authentication.html
>      -------------------------------------------------------------------------     
>      parameter the authentication mechanism it is going to handle
>      
>      Interpretation/Fix:
>      the authentication parameter the mechanism is going to handle
>      -------------------------------------------------------------------------
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/authorization.html
>      -------------------------------------------------------------------------     
>      protoected  >> protected
>      -------------------------------------------------------------------------
>     
>      NOT FIXED
>     
>      If allowed users can arbitrarily add entries where they wanted by putting 
>      entryACI into the new entry being added.
>      
>      
>      Interpretation:
>      entryACI protect individual entries.  So if I were to only allow Alex and 
>      Stefan to update a specific entry, I would store the entryACI in this entry,
>      and that entryACI would say that only Alex and Stefan are allowed to update it.
>      
>      So when I originally add this entry, I would put the entryACI in along with the

>      entry right?
>      
>      If the add operation consulted the entryACI, and I'm not in it, might that 
>      bar me from adding the entry?
>      
>      Also, if I add myself to the entryACI, then I could add subentries, etc. right?
>      Is that what we mean by:
>      
>      "If allowed users can arbitrarily add entries where they wanted by putting 
>      entryACI into the new entry being added"?  I would think not, since if I add
>      myself and I have the authority to add myself, then all is good.
>      
>      -------------------------------------------------------------------------    
>      
>      perscriptive >> prescriptive
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/subentries.html
>      -------------------------------------------------------------------------    
>      subentires >> subentries	
>      -------------------------------------------------------------------------    
>      wanting access, update and even administer the directory
>      >> wanting the ability to access, update and administer the directory
>      -------------------------------------------------------------------------      
  
>      catelog.  >> catalog
>      -------------------------------------------------------------------------    
>      
>      "will">>"would" in "They knew different
>       authorities would want to manage different aspects of directory administration
>       for themselves." 
>      -------------------------------------------------------------------------    
>           
>      Perhaps you only want to delegate only one aspect of administration , 
>      >> Perhaps you only want to delegate one aspect of administration,
>      -------------------------------------------------------------------------    
>      NOT FIXED
>      disconnected set of selected based 
>      >> ?????
>      -------------------------------------------------------------------------
>      
>      
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/enablesearchforallusers.html
>      -------------------------------------------------------------------------
>      exaplanation >> explanation
>      -------------------------------------------------------------------------
>      The identificationTag is just that a tag
>      >>
>      The identificationTag is just a tag that is used often with a subtring
> 	 search filter to lookup a specific ACIItem within an entry.
>      -------------------------------------------------------------------------
>      Precendence>>Precedence
>      -------------------------------------------------------------------------
>      
>      
>      
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/userclasses.html
>      -------------------------------------------------------------------------
>      These are discussed in the the following sections..
>      -------------------------------------------------------------------------
>      machanism.>>mechanism
>      -------------------------------------------------------------------------
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/collective.html
>      -------------------------------------------------------------------------
>      more information on specifying subtrees take at Subentries
>      >>
>      For more information on specifying subtrees
> 	 take a look at at
>      -------------------------------------------------------------------------
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/configuration.html
>      -------------------------------------------------------------------------
>      DOUBLE CHECK THIS
>       that consist the ApacheDS DIT
>       >>
>       ContextPartitionConfiguration specifies ContextPartitions that define the
>       ApacheDS DIT.
>       -------------------------------------------------------------------------
>       
>       with Spring Framework
>       >>
>       The configuration API is designed to fit tightly
>       with the
>       -------------------------------------------------------------------------
>       
>       http://directory.apache.org/subprojects/apacheds/docs/users/partitions.html
>       
>       really useful especially for things the system partition which almost always need
to be in memory
>       >>
>       This might be really useful for things like the system partition which
> 	  almost always needs to be in memory. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message