directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Zoerner (JIRA)" <directory-...@incubator.apache.org>
Subject [jira] Closed: (DIR-179) User Documentation Update
Date Sat, 17 Feb 2007 17:10:06 GMT

     [ https://issues.apache.org/jira/browse/DIR-179?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Stefan Zoerner closed DIR-179.
------------------------------

    Resolution: Fixed

Done by Alex long ago.

> User Documentation Update
> -------------------------
>
>                 Key: DIR-179
>                 URL: https://issues.apache.org/jira/browse/DIR-179
>             Project: Directory
>          Issue Type: Task
>          Components: sitedocs
>         Environment: N/A
>            Reporter: Ole Ersoy
>         Assigned To: Ole Ersoy
>            Priority: Minor
>
> Updates to the user documentation.  The subversion patch is pasted below.
> Index: /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml	(working copy)
> @@ -206,8 +206,8 @@
>          <p>
>  The authenticator class has to extend the
>  org.apache.ldap.server.auth.AbstractAuthenticator. This class needs to have a
> -no-argument constructor that calls the super() constructor with parameter the
> -authentication mechanism it is going to handle. In the above example,
> +no-argument constructor that calls the super() constructor with the authentication parameter
the mechanism is
> +going to handle.  In the above example,
>  MyAuthenticator class is going to handle the simple authentication mechanism. To
>  implement a SASL mechanism you need to call super() with the name of the SASL
>  mechanism, e.g. super( "DIGEST-MD5"
> Index: /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml	(working copy)
> @@ -36,7 +36,7 @@
>        <subsection heading="h3" name="Entry ACI">
>          <p>
>  Entry ACI are access controls added to entries to protect that entry
> -specifically. Meaning the protoected entry is the entry where the ACI resides.
> +specifically. Meaning the protected entry is the entry where the ACI resides.
>  When performing an operation on an entry, ApacheDS checks for the presence of
>  the multivalued operational attribute, *entryACI*. The values of the entryACI
>  attribute contain
> @@ -116,7 +116,7 @@
>  Access to subentries also needs to be controlled. Subentries are special in
>  ApacheDS. Although they subordinate to an administrative entry (entry of an
>  Administrative Point), they are technically considered to be in the same context
> -as their administrative entry. ApacheDS considers the perscriptive ACI applied
> +as their administrative entry. ApacheDS considers the prescriptive ACI applied
>  to the administrative entry, to also apply to its
>  subentries.</p>
>          <p>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/collective.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/collective.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/collective.xml	(working copy)
> @@ -30,7 +30,7 @@
>  collective attribute can be used in a subentry. Changes to the value of this
>  attribute would immediately be reflected to those entries selected by the
>  subtreeSpecification of subentry. For more information on specifying subtrees
> -take
> +take a look at
>  at
>            <a href="./subentries.html">Subentries</a>
>  .
> Index: /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml	(working copy)
> @@ -52,7 +52,7 @@
>  schemas&gt;)</li>
>            <li>
>  contextPartitionConfigurations - A collection of ContextPartitionConfigurations.
> -ContextPartitionConfiguration specified ContextPartitions that consist the
> +ContextPartitionConfiguration specified ContextPartitions that define the the
>  ApacheDS DIT. (Default: no context partitions except system
>  partition)</li>
>            <li>
> @@ -129,7 +129,7 @@
>      <section heading="h1" name="Using Spring Framework">
>        <p>
>  The configuration API is designed to fit tightly
> -with
> +with the
>          <a href="http://www.springframework.org/">Spring Framework</a>
>  . Here is an example beans xml
>  file:
> Index: /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml	(working copy)
> @@ -137,7 +137,7 @@
>  </source>
>        <p>
>  There are several parameters to this simple ACIItem.  Here's a breif
> -exaplanation of each field and it's meaning or
> +explanation of each field and it's meaning or
>  significance.</p>
>        <table>
>          <tr>
> @@ -191,7 +191,7 @@
>        </table>
>        <subsection heading="h2" name="identificationTag">
>          <p>
> -The identificationTag is just that a tag.  It's often used with a subtring
> +The identificationTag is just a tag that is used often with a subtring
>  search filter to lookup a specific ACIItem within an entry.  One or more
>  ACIItems may be present within a subentry, zero or more in entries, so this
>  serves as a means to address the ACIItem within
> @@ -199,7 +199,7 @@
>        </subsection>
>        <subsection heading="h2" name="precedence">
>          <p>
> -Precendence is used to determine the ACI to apply when two or more ACIItem's
> +Precedence is used to determine the ACI to apply when two or more ACIItem's
>  applied to an entry conflict.  The ACIItem with the highest precedence is
>  applied over other conflicting
>  ACIItems.</p>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/index.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/index.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/index.xml	(working copy)
> @@ -9,7 +9,7 @@
>      <section heading="h1" name="User's Guide">
>        <p>
>  This is a simple guide to various ApacheDS features to help users get going. 
> -It's be no means
> +It's by no means
>  extensive.</p>
>        <table>
>          <tr>
> @@ -83,7 +83,7 @@
>              <a href="./plugin.html">Plugin</a>
>            </td>
>            <td>
> -How to use the plugin to extends the
> +How to use the plugin to extend the
>  schema.</td>
>          </tr>
>        </table>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml	(working copy)
> @@ -133,8 +133,8 @@
>  on
>              <a href="http://www.prevayler.org/wiki.jsp">Prevayler</a>
>  . This is like an in-memory partition but you can save it at the end of the day.
> -This might be really useful especially for things the system partition which
> -almost always need to be in memory. The system partition can do this by using
> +This might be really useful for things like the system partition which
> +almost always needs to be in memory. The system partition can do this by using
>  really large caches equal to the number of entries in the system
>  partition.
>            </li>
> Index: /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml	(working copy)
> @@ -9,7 +9,7 @@
>      <section heading="h2" name="Introduction">
>        <p>
>  Subentries are used for managing the administration of different aspects of the
> -directory.  LDAP has just recently formalized the notion of subentires
> +directory.  LDAP has just recently formalized the notion of subentries
>  in
>          <a href="http://www.faqs.org/rfcs/rfc3672.html">RFC 3672</a>
>  .  Subentries have existed within X.500 Directories for years with clear
> @@ -87,7 +87,7 @@
>  Presume you're the uber directory administrator over at WallyWorld (a Walmart
>  competitor). Let's say WallyWorld uses their corporate directory for various
>  things including their product catalog. As the uber admin you're going to have a
> -bunch of people wanting access, update and even administer your directory.
> +bunch of people wanting the ability to access, update and administer the directory.
>  Entire departments within WallyWorld are going to want to control different
>  parts of the directory. Sales may want to manage the product catalog, while
>  operations may want to manage information in other areas dealing with suppliers
> @@ -117,7 +117,7 @@
>  Do you really want to manage the corporate product catalog or just let the sales
>  department manage it? But what do we mean by manage? You want sales people to
>  create, and delete entries but they may only trust a few people to do this.
> -Others may just view the catelog. Who are the people with add/remove powers and
> +Others may just view the catalog. Who are the people with add/remove powers and
>  why should you have to be involved with deciding this ever changing departmental
>  policy? Instead you can delegate the management of access controls in this area
>  to a administrative contact in the sales department. The sales contact can then
> @@ -125,7 +125,7 @@
>  sales than you are and they probably have more bandwidth to handle sales related
>  needs than you do. Delegating authority in this fashion is what X.500 engineers
>  pioneered in the early 80's with the telecom boom in Europe. They knew different
> -authorities will want to manage different aspects of directory administration
> +authorities would want to manage different aspects of directory administration
>  for themselves. These X.500 definitions are there to be able to talk about
>  administrative areas within the directory. Now let's get back to what these
>  things are
> @@ -137,7 +137,7 @@
>  have a partition hanging off of *'dc=example,dc=com'* with an *'ou=product
>  catalog'* area. You may want this area to be managed by the sales department
>  with respect to the content, schema, it's visibility, and collective attributes.
> -Perhaps you only want to delegate only one aspect of administration , access
> +Perhaps you only want to delegate one aspect of administration, access
>  control, since you don't want people messing around with schema. To do so you
>  can define everything under *'ou=product catalog'* to be an administrative area
>  specifically for access control and delegate that aspect only. In that case the
> Index: /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml
> ===================================================================
> --- /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml	(revision 380975)
> +++ /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml	(working copy)
> @@ -63,9 +63,8 @@
>        </table>
>        <p>
>  These are pretty intuitive. Two other user classes may be a bit less easy to
> -understand or may require some explanation. For these we discuss them in the
> -sections
> -below.</p>
> +understand or may require some explanation. These are discussed in the the following
sections.
> +</p>
>      </section>
>      <section heading="h2" name="User Class: userGroup">
>        <p>
> @@ -141,7 +140,7 @@
>  There is no reason to specify allUsers more than once. More than one type of
>  user class mechanism can be used as well. Again some combinations just will not
>  make sense like having a name based userClass then allUsers. The following
> -ACIItem grants delete abilities to a set of users using more than one machanism.
> +ACIItem grants delete abilities to a set of users using more than one mechanism.
>  It allows jbean, jdoe, all users in the Administrators group to delete entries.
>  It also allows requestors to delete their own user
>  entry.</p>
> Here's a change list I created manuallly (It contains things I did not update, but thought
was in need of 
> clarification...):
> Users Guide
>      - http://directory.apache.org/subprojects/apacheds/docs/users/index.html
>      
>      -------------------------------------------------------------------------
>      "be" >> "by" in "be no means extensive"
>      -------------------------------------------------------------------------
>      extends >> extend in "Using Maven to extends the Schema"
>      -------------------------------------------------------------------------     
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/authentication.html
>      -------------------------------------------------------------------------     
>      parameter the authentication mechanism it is going to handle
>      
>      Interpretation/Fix:
>      the authentication parameter the mechanism is going to handle
>      -------------------------------------------------------------------------
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/authorization.html
>      -------------------------------------------------------------------------     
>      protoected  >> protected
>      -------------------------------------------------------------------------
>     
>      NOT FIXED
>     
>      If allowed users can arbitrarily add entries where they wanted by putting 
>      entryACI into the new entry being added.
>      
>      
>      Interpretation:
>      entryACI protect individual entries.  So if I were to only allow Alex and 
>      Stefan to update a specific entry, I would store the entryACI in this entry,
>      and that entryACI would say that only Alex and Stefan are allowed to update it.
>      
>      So when I originally add this entry, I would put the entryACI in along with the

>      entry right?
>      
>      If the add operation consulted the entryACI, and I'm not in it, might that 
>      bar me from adding the entry?
>      
>      Also, if I add myself to the entryACI, then I could add subentries, etc. right?
>      Is that what we mean by:
>      
>      "If allowed users can arbitrarily add entries where they wanted by putting 
>      entryACI into the new entry being added"?  I would think not, since if I add
>      myself and I have the authority to add myself, then all is good.
>      
>      -------------------------------------------------------------------------    
>      
>      perscriptive >> prescriptive
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/subentries.html
>      -------------------------------------------------------------------------    
>      subentires >> subentries	
>      -------------------------------------------------------------------------    
>      wanting access, update and even administer the directory
>      >> wanting the ability to access, update and administer the directory
>      -------------------------------------------------------------------------      
  
>      catelog.  >> catalog
>      -------------------------------------------------------------------------    
>      
>      "will">>"would" in "They knew different
>       authorities would want to manage different aspects of directory administration
>       for themselves." 
>      -------------------------------------------------------------------------    
>           
>      Perhaps you only want to delegate only one aspect of administration , 
>      >> Perhaps you only want to delegate one aspect of administration,
>      -------------------------------------------------------------------------    
>      NOT FIXED
>      disconnected set of selected based 
>      >> ?????
>      -------------------------------------------------------------------------
>      
>      
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/enablesearchforallusers.html
>      -------------------------------------------------------------------------
>      exaplanation >> explanation
>      -------------------------------------------------------------------------
>      The identificationTag is just that a tag
>      >>
>      The identificationTag is just a tag that is used often with a subtring
> 	 search filter to lookup a specific ACIItem within an entry.
>      -------------------------------------------------------------------------
>      Precendence>>Precedence
>      -------------------------------------------------------------------------
>      
>      
>      
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/userclasses.html
>      -------------------------------------------------------------------------
>      These are discussed in the the following sections..
>      -------------------------------------------------------------------------
>      machanism.>>mechanism
>      -------------------------------------------------------------------------
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/collective.html
>      -------------------------------------------------------------------------
>      more information on specifying subtrees take at Subentries
>      >>
>      For more information on specifying subtrees
> 	 take a look at at
>      -------------------------------------------------------------------------
>      
>      http://directory.apache.org/subprojects/apacheds/docs/users/configuration.html
>      -------------------------------------------------------------------------
>      DOUBLE CHECK THIS
>       that consist the ApacheDS DIT
>       >>
>       ContextPartitionConfiguration specifies ContextPartitions that define the
>       ApacheDS DIT.
>       -------------------------------------------------------------------------
>       
>       with Spring Framework
>       >>
>       The configuration API is designed to fit tightly
>       with the
>       -------------------------------------------------------------------------
>       
>       http://directory.apache.org/subprojects/apacheds/docs/users/partitions.html
>       
>       really useful especially for things the system partition which almost always need
to be in memory
>       >>
>       This might be really useful for things like the system partition which
> 	  almost always needs to be in memory. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message