User Documentation Update
-------------------------
Key: DIR-179
URL: http://issues.apache.org/jira/browse/DIR-179
Project: Directory
Type: Task
Components: sitedocs
Environment: N/A
Reporter: Ole Ersoy
Assigned to: Alex Karasulu
Priority: Minor
Updates to the user documentation. The subversion patch is pasted below.
Index: /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/authentication.xml (working copy)
@@ -206,8 +206,8 @@
<p>
The authenticator class has to extend the
org.apache.ldap.server.auth.AbstractAuthenticator. This class needs to have a
-no-argument constructor that calls the super() constructor with parameter the
-authentication mechanism it is going to handle. In the above example,
+no-argument constructor that calls the super() constructor with the
authentication parameter the mechanism is
+going to handle. In the above example,
MyAuthenticator class is going to handle the simple authentication mechanism.
To
implement a SASL mechanism you need to call super() with the name of the SASL
mechanism, e.g. super( "DIGEST-MD5"
Index: /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/authorization.xml (working copy)
@@ -36,7 +36,7 @@
<subsection heading="h3" name="Entry ACI">
<p>
Entry ACI are access controls added to entries to protect that entry
-specifically. Meaning the protoected entry is the entry where the ACI resides.
+specifically. Meaning the protected entry is the entry where the ACI resides.
When performing an operation on an entry, ApacheDS checks for the presence of
the multivalued operational attribute, *entryACI*. The values of the entryACI
attribute contain
@@ -116,7 +116,7 @@
Access to subentries also needs to be controlled. Subentries are special in
ApacheDS. Although they subordinate to an administrative entry (entry of an
Administrative Point), they are technically considered to be in the same
context
-as their administrative entry. ApacheDS considers the perscriptive ACI applied
+as their administrative entry. ApacheDS considers the prescriptive ACI applied
to the administrative entry, to also apply to its
subentries.</p>
<p>
Index: /home/ole/workspace-mdc0/mdc.multi/users/collective.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/collective.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/collective.xml (working copy)
@@ -30,7 +30,7 @@
collective attribute can be used in a subentry. Changes to the value of this
attribute would immediately be reflected to those entries selected by the
subtreeSpecification of subentry. For more information on specifying subtrees
-take
+take a look at
at
<a href="./subentries.html">Subentries</a>
.
Index: /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/configuration.xml (working copy)
@@ -52,7 +52,7 @@
schemas>)</li>
<li>
contextPartitionConfigurations - A collection of
ContextPartitionConfigurations.
-ContextPartitionConfiguration specified ContextPartitions that consist the
+ContextPartitionConfiguration specified ContextPartitions that define the the
ApacheDS DIT. (Default: no context partitions except system
partition)</li>
<li>
@@ -129,7 +129,7 @@
<section heading="h1" name="Using Spring Framework">
<p>
The configuration API is designed to fit tightly
-with
+with the
<a href="http://www.springframework.org/";>Spring Framework</a>
. Here is an example beans xml
file:
Index: /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml
(revision 380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/enablesearchforallusers.xml
(working copy)
@@ -137,7 +137,7 @@
</source>
<p>
There are several parameters to this simple ACIItem. Here's a breif
-exaplanation of each field and it's meaning or
+explanation of each field and it's meaning or
significance.</p>
<table>
<tr>
@@ -191,7 +191,7 @@
</table>
<subsection heading="h2" name="identificationTag">
<p>
-The identificationTag is just that a tag. It's often used with a subtring
+The identificationTag is just a tag that is used often with a subtring
search filter to lookup a specific ACIItem within an entry. One or more
ACIItems may be present within a subentry, zero or more in entries, so this
serves as a means to address the ACIItem within
@@ -199,7 +199,7 @@
</subsection>
<subsection heading="h2" name="precedence">
<p>
-Precendence is used to determine the ACI to apply when two or more ACIItem's
+Precedence is used to determine the ACI to apply when two or more ACIItem's
applied to an entry conflict. The ACIItem with the highest precedence is
applied over other conflicting
ACIItems.</p>
Index: /home/ole/workspace-mdc0/mdc.multi/users/index.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/index.xml (revision 380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/index.xml (working copy)
@@ -9,7 +9,7 @@
<section heading="h1" name="User's Guide">
<p>
This is a simple guide to various ApacheDS features to help users get going.
-It's be no means
+It's by no means
extensive.</p>
<table>
<tr>
@@ -83,7 +83,7 @@
<a href="./plugin.html">Plugin</a>
</td>
<td>
-How to use the plugin to extends the
+How to use the plugin to extend the
schema.</td>
</tr>
</table>
Index: /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/partitions.xml (working copy)
@@ -133,8 +133,8 @@
on
<a href="http://www.prevayler.org/wiki.jsp";>Prevayler</a>
. This is like an in-memory partition but you can save it at the end of the
day.
-This might be really useful especially for things the system partition which
-almost always need to be in memory. The system partition can do this by using
+This might be really useful for things like the system partition which
+almost always needs to be in memory. The system partition can do this by using
really large caches equal to the number of entries in the system
partition.
</li>
Index: /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/subentries.xml (working copy)
@@ -9,7 +9,7 @@
<section heading="h2" name="Introduction">
<p>
Subentries are used for managing the administration of different aspects of the
-directory. LDAP has just recently formalized the notion of subentires
+directory. LDAP has just recently formalized the notion of subentries
in
<a href="http://www.faqs.org/rfcs/rfc3672.html";>RFC 3672</a>
. Subentries have existed within X.500 Directories for years with clear
@@ -87,7 +87,7 @@
Presume you're the uber directory administrator over at WallyWorld (a Walmart
competitor). Let's say WallyWorld uses their corporate directory for various
things including their product catalog. As the uber admin you're going to have
a
-bunch of people wanting access, update and even administer your directory.
+bunch of people wanting the ability to access, update and administer the
directory.
Entire departments within WallyWorld are going to want to control different
parts of the directory. Sales may want to manage the product catalog, while
operations may want to manage information in other areas dealing with suppliers
@@ -117,7 +117,7 @@
Do you really want to manage the corporate product catalog or just let the
sales
department manage it? But what do we mean by manage? You want sales people to
create, and delete entries but they may only trust a few people to do this.
-Others may just view the catelog. Who are the people with add/remove powers and
+Others may just view the catalog. Who are the people with add/remove powers and
why should you have to be involved with deciding this ever changing
departmental
policy? Instead you can delegate the management of access controls in this area
to a administrative contact in the sales department. The sales contact can then
@@ -125,7 +125,7 @@
sales than you are and they probably have more bandwidth to handle sales
related
needs than you do. Delegating authority in this fashion is what X.500 engineers
pioneered in the early 80's with the telecom boom in Europe. They knew
different
-authorities will want to manage different aspects of directory administration
+authorities would want to manage different aspects of directory administration
for themselves. These X.500 definitions are there to be able to talk about
administrative areas within the directory. Now let's get back to what these
things are
@@ -137,7 +137,7 @@
have a partition hanging off of *'dc=example,dc=com'* with an *'ou=product
catalog'* area. You may want this area to be managed by the sales department
with respect to the content, schema, it's visibility, and collective
attributes.
-Perhaps you only want to delegate only one aspect of administration , access
+Perhaps you only want to delegate one aspect of administration, access
control, since you don't want people messing around with schema. To do so you
can define everything under *'ou=product catalog'* to be an administrative area
specifically for access control and delegate that aspect only. In that case the
Index: /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml
===================================================================
--- /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml (revision
380975)
+++ /home/ole/workspace-mdc0/mdc.multi/users/userclasses.xml (working copy)
@@ -63,9 +63,8 @@
</table>
<p>
These are pretty intuitive. Two other user classes may be a bit less easy to
-understand or may require some explanation. For these we discuss them in the
-sections
-below.</p>
+understand or may require some explanation. These are discussed in the the
following sections.
+</p>
</section>
<section heading="h2" name="User Class: userGroup">
<p>
@@ -141,7 +140,7 @@
There is no reason to specify allUsers more than once. More than one type of
user class mechanism can be used as well. Again some combinations just will not
make sense like having a name based userClass then allUsers. The following
-ACIItem grants delete abilities to a set of users using more than one
machanism.
+ACIItem grants delete abilities to a set of users using more than one
mechanism.
It allows jbean, jdoe, all users in the Administrators group to delete entries.
It also allows requestors to delete their own user
entry.</p>
Here's a change list I created manuallly (It contains things I did not update,
but thought was in need of
clarification...):
Users Guide
- http://directory.apache.org/subprojects/apacheds/docs/users/index.html
-------------------------------------------------------------------------
"be" >> "by" in "be no means extensive"
-------------------------------------------------------------------------
extends >> extend in "Using Maven to extends the Schema"
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/authentication.html
-------------------------------------------------------------------------
parameter the authentication mechanism it is going to handle
Interpretation/Fix:
the authentication parameter the mechanism is going to handle
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/authorization.html
-------------------------------------------------------------------------
protoected >> protected
-------------------------------------------------------------------------
NOT FIXED
If allowed users can arbitrarily add entries where they wanted by putting
entryACI into the new entry being added.
Interpretation:
entryACI protect individual entries. So if I were to only allow Alex and
Stefan to update a specific entry, I would store the entryACI in this
entry,
and that entryACI would say that only Alex and Stefan are allowed to
update it.
So when I originally add this entry, I would put the entryACI in along
with the
entry right?
If the add operation consulted the entryACI, and I'm not in it, might that
bar me from adding the entry?
Also, if I add myself to the entryACI, then I could add subentries, etc.
right?
Is that what we mean by:
"If allowed users can arbitrarily add entries where they wanted by putting
entryACI into the new entry being added"? I would think not, since if I
add
myself and I have the authority to add myself, then all is good.
-------------------------------------------------------------------------
perscriptive >> prescriptive
http://directory.apache.org/subprojects/apacheds/docs/users/subentries.html
-------------------------------------------------------------------------
subentires >> subentries
-------------------------------------------------------------------------
wanting access, update and even administer the directory
>> wanting the ability to access, update and administer the directory
-------------------------------------------------------------------------
catelog. >> catalog
-------------------------------------------------------------------------
"will">>"would" in "They knew different
authorities would want to manage different aspects of directory
administration
for themselves."
-------------------------------------------------------------------------
Perhaps you only want to delegate only one aspect of administration ,
>> Perhaps you only want to delegate one aspect of administration,
-------------------------------------------------------------------------
NOT FIXED
disconnected set of selected based
>> ?????
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/enablesearchforallusers.html
-------------------------------------------------------------------------
exaplanation >> explanation
-------------------------------------------------------------------------
The identificationTag is just that a tag
>>
The identificationTag is just a tag that is used often with a subtring
search filter to lookup a specific ACIItem within an entry.
-------------------------------------------------------------------------
Precendence>>Precedence
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/userclasses.html
-------------------------------------------------------------------------
These are discussed in the the following sections..
-------------------------------------------------------------------------
machanism.>>mechanism
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/collective.html
-------------------------------------------------------------------------
more information on specifying subtrees take at Subentries
>>
For more information on specifying subtrees
take a look at at
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/configuration.html
-------------------------------------------------------------------------
DOUBLE CHECK THIS
that consist the ApacheDS DIT
>>
ContextPartitionConfiguration specifies ContextPartitions that define the
ApacheDS DIT.
-------------------------------------------------------------------------
with Spring Framework
>>
The configuration API is designed to fit tightly
with the
-------------------------------------------------------------------------
http://directory.apache.org/subprojects/apacheds/docs/users/partitions.html
really useful especially for things the system partition which almost
always need to be in memory
>>
This might be really useful for things like the system partition which
almost always needs to be in memory.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
