svn commit: r1779195 - in /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security: ./ accesscontrol/ authentication/ authentication/external/ authorization/ permission/ principal/ privilege/ user/

angela Tue, 17 Jan 2017 05:53:11 -0800

Author: angela
Date: Tue Jan 17 13:52:10 2017
New Revision: 1779195

URL: http://svn.apache.org/viewvc?rev=1779195&view=rev
Log:
security documentation: fix  broken links (list provided by alexandre 
collignon, thanks)


Modified:
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/default.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/differences.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/default.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/defaultusersync.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/dynamic.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/ldap.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/usersync.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission/default.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/principal/principalprovider.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege.md
    
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege/mappingtoitems.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/default.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/expiry.md
    jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/groupaction.md

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol.md 
(original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol.md 
Tue Jan 17 13:52:10 2017
@@ -28,7 +28,7 @@ read [Using the Access Control Managemen
 a comprehensive list of method calls as well as examples that may be used to
 edit the access control content of the repository.
 
-<a href="jcr_api"/>
+<a name="jcr_api"/>
 ### JCR API
 
 Access Control Management is an optional feature defined by [JSR 283] 
consisting of
@@ -102,7 +102,7 @@ Oak 1.0 defines a dedicated restriction
 [Restriction Management](authorization/restriction.html) for details and 
further
 information regarding extensibility and pluggability.
 
-<a href="utilities"/>
+<a name="utilities"/>
 ### Utilities
 
 The jcr-commons module present with Jackrabbit provide some access control 
related
@@ -124,7 +124,7 @@ the complete list of methods.
     acMgr.setPolicy(path, acl);
     session.save();
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Characteristics of the Default Implementation
 
 The behavior of the default access control implementation is described in 
sections 

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/default.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/default.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/default.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/default.md
 Tue Jan 17 13:52:10 2017
@@ -115,7 +115,7 @@ restrictions as mentioned by JSR 283. De
 in Oak 1.0 as well as a list of built-in restrictions and extensibility can be
 found in section [Restriction Management](../authorization/restriction.html).
 
-<a href="representation"/>
+<a name="representation"/>
 ### Representation in the Repository
 
 All access control policies defined with an Oak repository are stores child of

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/differences.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/differences.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/differences.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/accesscontrol/differences.md
 Tue Jan 17 13:52:10 2017
@@ -65,7 +65,7 @@ Restrictions: as of OAK the optional res
 ##### Principal-based Access Control
 The principal-based access control management as present in Jackrabbit-core is 
no
 longer present with OAK. The main benefit of the principal-based approach has 
been
-incorporated with the changes in the default [permission 
evaluation](differences_permissions.html)).
+incorporated with the changes in the default [permission 
evaluation](../permission/differences.html)).
 In addition the default access control manager implementation supports all 
methods
 defined by `JackrabbitAccessControlManager`; i.e. editing access control 
information
 by principal is possible as long as the editing session has sufficient 
permission

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/default.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/default.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/default.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/default.md
 Tue Jan 17 13:52:10 2017
@@ -50,7 +50,7 @@ The proper way to obtain an guest sessio
 As of Oak 1.0 `Repository#login()` and `Repository#login(null, wspName)` is no
 longer treated as guest login. This behavior of Jackrabbit-core is violating 
the
 specification, which defines that null-login should be used for those cases 
where
-the authentication process is handled outside of the repository (see 
[Pre-Authentication](authentication/preauthentication.html)).
+the authentication process is handled outside of the repository (see 
[Pre-Authentication](preauthentication.html)).
 
 Similarly, any special treatment that Jackrabbit core applied for the guest 
(anonymous)
 user has been omitted altogether from the default [LoginModuleImpl]. In the 
default
@@ -96,12 +96,12 @@ Oak 1.0 comes with 2 different login mod
 [SimpleCredentials]:
 
 - Default (`LoginModuleImpl`) as described below
-- `ExternalLoginModule` as described in section [External 
Authentication](authentication/externalloginmodule.html)
+- `ExternalLoginModule` as described in section [External 
Authentication](externalloginmodule.html)
 
 ##### LoginModuleImpl
 
 The [LoginModuleImpl] defines a regular userId/password login and requires a
-repository setup that supports [User Management](user.html) and is designed to
+repository setup that supports [User Management](../user.html) and is designed 
to
 supports the following `Credentials`:
 
 - `SimpleCredentials`
@@ -171,7 +171,7 @@ with `ImpersonationCredentials` and appl
 - **Regular Impersonation**: Impersonation another user will only succeed if
   the impersonated user is valid (i.e. exists and is not disabled) _and_ the
   the user associated with the editing session is allowed to impersonate this
-  user. The latter depends on the [User Management](user.html) implementation
+  user. The latter depends on the [User Management](../user.html) 
implementation
   specifically on the return value of `User.getImpersonation().allows(Subject 
subject)`.
 
 ##### ImpersonationCredentials
@@ -204,14 +204,14 @@ following steps in order to get JCR impe
 <a name="token"/>
 #### Token Login
 
-See section [Token Authentication](authentication/tokenmanagement.html) for 
details
+See section [Token Authentication](tokenmanagement.html) for details
 regarding token based authentication.
 
 ##### TokenLoginModule
 
 The `TokenLoginModule` is in charge of creating new login tokens and validate
 repository logins with `TokenCredentials`. The exact behavior of this login 
module is
-described in section [Token 
Authentication](authentication/tokenmanagement.html).
+described in section [Token Authentication](tokenmanagement.html).
 
 <a name="pre_authenticated"/>
 #### Pre-Authenticated Login
@@ -223,7 +223,7 @@ validation.
 - Pre-Authentication combined with Login Module Chain
 - Pre-Authentication without Repository Involvement (aka `null` login)
 
-See section [Pre-Authentication Login](authentication/preauthentication.html) 
for
+See section [Pre-Authentication Login](preauthentication.html) for
 further details and examples.
 
 <a name="external"/>
@@ -235,13 +235,13 @@ systems (e.g. LDAP). For those setups th
 against a third party system with repository functionality, Oak provides a 
default
 implementation with extension points:
 
-- [External Authentication](authentication/externalloginmodule.html): Summary 
of
+- [External Authentication](externalloginmodule.html): Summary of
   the external authentication and details about the `ExternalLoginModule`.
-- [User and Group Synchronization](authentication/usersync.html): Details 
regarding
+- [User and Group Synchronization](usersync.html): Details regarding
   user and group synchronization as well as a list of configuration options 
provided
   by the the default implementations present with Oak.
-- [Identity Management](authentication/identitymanagement.html): Further 
information regarding extenal identity management.
-- [LDAP Integration](authentication/ldap.html): How to make use of the 
`ExternalLoginModule`
+- [Identity Management](identitymanagement.html): Further information 
regarding extenal identity management.
+- [LDAP Integration](ldap.html): How to make use of the `ExternalLoginModule`
   with the LDAP identity provider implementation. This combination is aimed to 
replace
   [com.day.crx.security.ldap.LDAPLoginModule], which relies on Jackrabbit 
internals
   and will no longer work with Oak.
@@ -256,7 +256,7 @@ the repository.
 
 This login module implementation requires an valid `SyncHandler` and 
`IdentityProvider`
 to be present. The detailed behavior of the `ExternalLoginModule` is described 
in
-section [External Authentication](authentication/externalloginmodule.html).
+section [External Authentication](externalloginmodule.html).
 
 <!-- hidden references -->
 [GuestCredentials]: 
http://www.day.com/specs/javax.jcr/javadocs/jcr-2.0/javax/jcr/GuestCredentials.html

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/defaultusersync.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/defaultusersync.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/defaultusersync.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/defaultusersync.md
 Tue Jan 17 13:52:10 2017
@@ -167,10 +167,10 @@ The default `SyncHandler` implementation
 | Group property mapping        | `group.propertyMapping`       | List mapping 
definition of local properties from external ones. |
 | | | |
 
-#### Configuration of the ExternalPrincipalConfiguration
+#### Configuration of the 'Apache Jackrabbit Oak External 
PrincipalConfiguration'
 
-Please note that the [ExternalPrincipalConfiguration] comes with a dedicated
-`RepositoryInitializer`, which requires the repository to be (re)initialized
+Please note that the `ExternalPrincipalConfiguration` _("Apache Jackrabbit Oak 
External PrincipalConfiguration")_ 
+comes with a dedicated `RepositoryInitializer`, which requires the repository 
to be (re)initialized
 once the module `oak-auth-external` is installed.
 
 The recommended way to assert a proper init, is to add 
@@ -178,7 +178,7 @@ The recommended way to assert a proper i
 as additional value to the `requiredServicePids` configuration option of the 
 `SecurityProviderRegistration` _("Apache Jackrabbit Oak SecurityProvider")_.
 
-See section [Introduction to Oak Security](../introduction.html) for further 
details on the `SecurityProviderRegistration`.
+See section [Introduction to Oak Security](../../introduction.html) for 
further details on the `SecurityProviderRegistration`.
 
 The `ExternalPrincipalConfiguration` defines the following configuration 
options:
      
@@ -195,7 +195,6 @@ The `ExternalPrincipalConfiguration` def
 [DefaultSyncedIdentity]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncedIdentity.html
 [DefaultSyncHandler]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandler.html
 [ExternalIdentityRef]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalIdentityRef.html
-[ExternalPrincipalConfiguration]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.html
 [DynamicSyncContext]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/DynamicSyncContext.html
 [OAK-4101]: https://issues.apache.org/jira/browse/OAK-4101
 [OAK-2687]: https://issues.apache.org/jira/browse/OAK-2687

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/dynamic.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/dynamic.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/dynamic.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/external/dynamic.md
 Tue Jan 17 13:52:10 2017
@@ -39,8 +39,8 @@ effects:
 
 ##### External Groups
 
-- If enabled the handler will use an alternative [SyncContext] to synchronize 
external groups ([DynamicSyncContext]).
-- Instead of synchronizing groups into the user management, this 
[DynamicSyncContext]
+- If enabled the handler will use an alternative [SyncContext] to synchronize 
external groups (`DynamicSyncContext`).
+- Instead of synchronizing groups into the user management, this 
`DynamicSyncContext`
   will additionally set the property `rep:externalPrincipalNames` on the 
synchronized external user
 - `rep:externalPrincipalNames` is a system maintained multivalued property of 
type 
   'STRING' storing the names of the `java.security.acl.Group`-principals a 
given 
@@ -52,8 +52,8 @@ effects:
 ##### Automatic Membership
 
 - If enabled automatic membership assignment for existing, local groups will 
not longer be written to the repository
-- Instead the [ExternalPrincipalConfiguration] will keep track of the mapping 
-  between registered [SyncHandler]s (i.e. auto-membership configuration) and 
[ExternalIdentityProvider]s.
+- Instead the `ExternalPrincipalConfiguration` _("Apache Jackrabbit Oak 
External PrincipalConfiguration")_ will keep 
+  track of the mapping between registered [SyncHandler]s (i.e. auto-membership 
configuration) and [ExternalIdentityProvider]s.
   This allows to determine auto-membership based on the `rep:externalId` 
stored with the user accounts.
 - The `PrincipalProvider` associated with this dedicated principal 
configuration 
   will expand the collection of `Principal`s generated for the following calls 
@@ -115,8 +115,9 @@ Jackrabbit [User Management API](../../u
 
 The authentication setup provided by Oak is not affected by the dynamic 
membership 
 handling as long as the configured `LoginModule` implementations rely on the 
-`PrincipalProvider` for principal resolution and the 
[ExternalPrincipalConfiguration]
-is properly registered with the `SecurityProvider` (see section 
[Configuration](defaultusersync.html#configuration)).
+`PrincipalProvider` for principal resolution and the 
`ExternalPrincipalConfiguration` 
+_("Apache Jackrabbit Oak External PrincipalConfiguration")_ is properly 
registered 
+with the `SecurityProvider` (see section 
[Configuration](defaultusersync.html#configuration)).
 
 ##### Authorization
 
@@ -130,8 +131,6 @@ membership configuration.
 [DefaultSyncContext]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.html
 [DefaultSyncConfig]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncConfig.html
 [ExternalIdentityProvider]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalIdentityProvider.html
-[ExternalPrincipalConfiguration]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.html
-[DynamicSyncContext]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/DynamicSyncContext.html
 [OAK-4101]: https://issues.apache.org/jira/browse/OAK-4101
 [OAK-2687]: https://issues.apache.org/jira/browse/OAK-2687
 [OAK-4087]: https://issues.apache.org/jira/browse/OAK-4087

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/ldap.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/ldap.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/ldap.md 
(original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/ldap.md 
Tue Jan 17 13:52:10 2017
@@ -69,7 +69,7 @@ Oak repository:
 #### LDAP Configuration
 
 The LDAP IPDs are configured through the 
[org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig]
-which is populated either via OSGi or during manual [Repository 
Construction](../construct.html).
+which is populated either via OSGi or during manual [Repository 
Construction](../../construct.html).
 
 | Name                         | Property                | Description         
                     |
 
|------------------------------|-------------------------|------------------------------------------|

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/tokenmanagement.md
 Tue Jan 17 13:52:10 2017
@@ -85,7 +85,7 @@ that is able to aggregate multiple `Toke
 
 See section [Pluggability](#pluggability) for an example.
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Characteristics of the Default Implementation
 
 The characteristics of the default token management implementation is

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/usersync.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/usersync.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/usersync.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/usersync.md
 Tue Jan 17 13:52:10 2017
@@ -36,7 +36,7 @@ present on the IDP.
 #### JMX Synchronization Tool
 
 In addition to the synchronization API Oak 1.0 defines utilities to manage
-synchronized external identities within JMX ([SynchronizationMBean]) which 
allows
+synchronized external identities within JMX (`SynchronizationMBean`) which 
allows
 for the following tasks:
 
 - `syncUsers(String[] userIds, boolean purge)`
@@ -70,7 +70,6 @@ or plug a new implementation of the `Syn
 
 
 <!-- references -->
-[SynchronizationMBean]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/jmx/SynchronizationMBean.html
 [SyncManager]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/SyncManager.html
 [SyncHandler]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/SyncHandler.html
 [SyncContext]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/SyncContext.html

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md
 Tue Jan 17 13:52:10 2017
@@ -176,6 +176,6 @@ might otherwise result in severe securit
 <!-- hidden references -->
 [PolicyOwner]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/PolicyOwner.html
 [AggregatedPermissionProvider]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authorization/permission/AggregatedPermissionProvider.html
-[CompositeAuthorizationConfiguration]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.html
-[CompositeAccessControlManager]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAccessControlManager.html
-[CompositePermissionProvider]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.html
\ No newline at end of file
+[CompositeAuthorizationConfiguration]: 
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
+[CompositeAccessControlManager]: 
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAccessControlManager.java
+[CompositePermissionProvider]: 
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.java
\ No newline at end of file

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md 
(original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md 
Tue Jan 17 13:52:10 2017
@@ -159,7 +159,7 @@ doesn't match any of the two criteria:
 
 This further implies that the `PermissionProvider` will only evaluate regular 
read 
 permissions (i.e. `READ_NODE` and `READ_PROPERTY`). Evaluation of any other 
-[permissions](../permissions.html#oak_permissions) including reading the cug 
policy 
+[permissions](../permission.html#oak_permissions) including reading the cug 
policy 
 node (access control content) is consequently delegated to other 
 authorization modules. In case there was no module dealing with these 
permissions, 
 access will be denied (see in section _Combining Multiple Authorization 
Models_ for [details](composite.html#details)). 

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md
 Tue Jan 17 13:52:10 2017
@@ -82,7 +82,7 @@ repository internal permission evaluatio
 - [RestrictionDefinition]: the static definition of a supported restriction
 - [RestrictionPattern]: the processed restriction ready for permission 
evaluation
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Default Implementation
 
 Oak 1.0 provides the following base implementations:

Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission.md 
(original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission.md Tue 
Jan 17 13:52:10 2017
@@ -18,7 +18,7 @@
 Permissions
 
--------------------------------------------------------------------------------
 
-<a href="jcr_api"/>
+<a name="jcr_api"/>
 ### JCR and Jackrabbit API
 
 While access control management is a optional feature, a JCR implementation is
@@ -88,7 +88,7 @@ Important: `absPath` refers to the node
          session.save();
     }
 
-<a href="oak_permissions"/>
+<a name="oak_permissions"/>
 ### Oak Permissions
 
 #### General Notes
@@ -328,7 +328,7 @@ defines the following interfaces and cla
 - [Permissions]: The permissions defined, respected and evaluated by the 
repository.
 - [PermissionConstants]: Constants used throughout the permission evaluation.
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Characteristics of the Permission Evaluation
 
 As explained above permission evaluation is completely separated from the 
access

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission/default.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission/default.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission/default.md 
(original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/permission/default.md 
Tue Jan 17 13:52:10 2017
@@ -24,7 +24,7 @@ The default implementation of the `Permi
 based on the information stored in a dedicated part of the repository content 
call
 the [permission store](#permissionStore).
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Characteristics of the Permission Evaluation
 
 #### Regular Permission Evaluation

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/principal/principalprovider.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/principal/principalprovider.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/principal/principalprovider.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/principal/principalprovider.md
 Tue Jan 17 13:52:10 2017
@@ -75,8 +75,8 @@ can only be retrieved using Jackrabbit P
 User Management calls.
 
 For performance reasons the `ExternalGroupPrincipalProvider` doesn't lookup 
-principals on the IDP but relies on a persisted cache inside the repository 
where
-the names of these external principals are synchronized to based on a 
configurable
+principals on the IDP but relies data persisted inside the repository where
+the names of these external principals are synchronized based on a configurable
 expiration time.
 
 See section [User and Group Synchronization : The Default 
Implementation](../authentication/external/defaultusersync.html)
@@ -85,7 +85,7 @@ for additional details.
 Since Oak 1.5.3
 
 <!-- references -->
-[PrincipalProviderImpl]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.html
+[PrincipalProviderImpl]: 
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
 [CompositePrincipalProvider]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.html
-[UserPrincipalProvider]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.html
-[ExternalGroupPrincipalProvider]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.html
+[UserPrincipalProvider]: 
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
+[ExternalGroupPrincipalProvider]: 
http://svn.apache.org/repos/asf/jackrabbit/oak/trunk/oak-auth-external/src/main/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java

Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege.md 
(original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege.md Tue 
Jan 17 13:52:10 2017
@@ -18,7 +18,7 @@
 Privilege Management
 
--------------------------------------------------------------------------------
 
-<a href="jcr_api"/>
+<a name="jcr_api"/>
 ### JCR API
 
 As of JSR 283 the API contains the following privilege related interfaces and 
methods:
@@ -77,7 +77,7 @@ utility methods:
     - `privilegesFromNames(Session session, String... privilegeNames)`
     - `privilegesFromNames(AccessControlManager accessControlManager, 
String... privilegeNames)`
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Oak Privilege Management Implementation
 
 The behavior of the default privilege management implementation is described 
in section 

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege/mappingtoitems.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege/mappingtoitems.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege/mappingtoitems.md
 (original)
+++ 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/privilege/mappingtoitems.md
 Tue Jan 17 13:52:10 2017
@@ -80,7 +80,7 @@ by the system only and cannot be modifie
 #### Annotations
 
 [1] In Oak reading/writing nodes with the following node types provided by the 
implementations present: `rep:Policy`, `rep:ACL`, `rep:ACE`, `rep:GrantACE`, 
`rep:DenyACE`, `rep:Restrictions` and `rep:CugPolicy` and all protected items 
defined therein.
-    See [Default Access Control Management](../accesscontrol/default.html) and 
[Managing Access Control with CUG](../authorization_cug/cug.html), respectively.
+    See [Default Access Control Management](../accesscontrol/default.html) and 
[Managing Access Control with CUG](../authorization/cug.html), respectively.
 
 [2] Granting jcr:versionManagement privilege at a given versionable node will 
allow writing items through JCR version management API which writes below 
`/jcr:system/jcr:versionStorage`, `/jcr:system/jcr:activities`, 
`/jcr:system/jcr:configurations` and the following properties both in the 
storage(s) and with the versionable node: `jcr:activity`, `jcr:activityTitle`, 
`jcr:baseVersion`, `jcr:childVersionHistory`, `jcr:configuration`, 
`jcr:copiedFrom`, `jcr:frozenMixinTypes`, `jcr:frozenPrimaryType`, 
`jcr:frozenUuid`, `jcr:isCheckedOut`, `jcr:mergeFailed`, 
`jcr:predecessors`,`jcr:successors`,`jcr:root`,`jcr:versionableUuid`, 
`jcr:versionHistory`
 

Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user.md (original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user.md Tue Jan 17 
13:52:10 2017
@@ -18,7 +18,7 @@
 User Management
 
--------------------------------------------------------------------------------
 
-<a href="jcr_api"/>
+<a name="jcr_api"/>
 ### JCR API
 
 JCR itself doesn't come with a dedicated user management API. The only method
@@ -54,7 +54,7 @@ interfaces and classes:
 - `UserAuthenticationFactory`: see sections 
[pluggability](user/default.html#pluggability) 
 and [user authentication](authentication/default.html#user_authentication) for 
additional details.
 
-<a href="utilities"/>
+<a name="utilities"/>
 ### Utilities
 
 `org.apache.jackrabbit.oak.spi.security.user.*`
@@ -70,7 +70,7 @@ and [user authentication](authentication
   function for password generation.
 - `UserUtil` : Utilities related to general user management tasks.
 
-<a href="default_implementation"/>
+<a name="default_implementation"/>
 ### Oak User Management Implementation
 
 The behavior of the default user management implementation is described in 
section 

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/default.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/default.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/default.md 
(original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/default.md Tue 
Jan 17 13:52:10 2017
@@ -275,10 +275,10 @@ Within the default user management imple
 modified or extended at runtime by providing corresponding OSGi services or 
passing
 appropriate configuration parameters exposing the custom implementations:
 
-- `AuthorizableActionProvider`: Defines the authorizable actions, see 
[Authorizable Actions](user/authorizableaction.html).
+- `AuthorizableActionProvider`: Defines the authorizable actions, see 
[Authorizable Actions](authorizableaction.html).
 - `AuthorizableNodeName`: Defines the generation of the authorizable node names
   in case the user management implementation stores user information in the 
repository.
-  See [Authorizable Node Name Generation](user/authorizablenodename.html).
+  See [Authorizable Node Name Generation](authorizablenodename.html).
 - `UserAuthenticationFactory`: see below
    
 #### UserAuthenticationFactory : Authenticating Users

Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/expiry.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/expiry.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/expiry.md 
(original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/expiry.md Tue 
Jan 17 13:52:10 2017
@@ -162,7 +162,7 @@ will fail and the login still throw a [C
 for consumers of the exception to become aware that the credentials are
 still considered expired, and that the password was not changed due to the 
 new password having been found in the password history, the credentials object
-is fitted with an additional attribute with name [PasswordHistoryException].
+is fitted with an additional attribute with name `PasswordHistoryException`.
 
 This attribute may contain the following two values:
 
@@ -195,6 +195,5 @@ data.
 <!-- hidden references -->
 [SimpleCredentials]: 
http://www.day.com/specs/javax.jcr/javadocs/jcr-2.0/javax/jcr/SimpleCredentials.html
 [CredentialExpiredException]: 
https://docs.oracle.com/javase/7/docs/api/javax/security/auth/login/CredentialExpiredException.html
-[PasswordHistoryException]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/security/user/PasswordHistoryException.html
 [UserAuthenticationFactory]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/user/UserAuthenticationFactory.html
 [Authentication]: 
/oak/docs/apidocs/org/apache/jackrabbit/oak/spi/security/authentication/Authentication.html

Modified: 
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/groupaction.md
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/groupaction.md?rev=1779195&r1=1779194&r2=1779195&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/groupaction.md 
(original)
+++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/groupaction.md 
Tue Jan 17 13:52:10 2017
@@ -57,7 +57,7 @@ Oak 1.5 provides the following base impl
 
 ### Pluggability
 
-Refer to [Authorizable Actions | Pluggability 
](user/authorizableaction.html#Pluggability) for details on how to plug
+Refer to [Authorizable Actions | Pluggability 
](authorizableaction.html#Pluggability) for details on how to plug
 a new group action into the system.
 
 ### XML Import

svn commit: r1779195 - in /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security: ./ accesscontrol/ authentication/ authentication/external/ authorization/ permission/ principal/ privilege/ user/

Reply via email to