Bug 1252397

Summary: [QE] Remove needless technical details from LdapExtended login module
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Ondrej Lukas <olukas>
Component: DocumentationAssignee: Zach Rhoads <zrhoads>
Status: CLOSED CURRENTRELEASE QA Contact: Ondrej Lukas <olukas>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.4.0CC: dmichael, eap-docs
Target Milestone: post-GAKeywords: Documentation, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://access.stage.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-6.4/login-module-reference
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-10-20 12:48:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1233012    

Description Ondrej Lukas 2015-08-11 10:24:16 UTC 
Book: Login Module Reference
Revision: n_1575841_login-module-reference_version_6.4_edition_1.0_release_0-revision_6701191
Section: LOGIN MODULES WITH EXTERNAL IDENTITY STORE

Issue description:
The authentication step 2 contains needless technical details in section about LdapExtended login module: 
"The resulting user DN is authenticated by binding to the LDAP server using the user DN as the InitialLdapContext environment Context.SECURITY_PRINCIPAL. The Context.SECURITY_CREDENTIALS property is set to the String password obtained by the callback handler."

The LDAP bind mechanism behind the step 2 is the same as for the step 1, only the usename and password come from different source.

This should be rewritten to simpler readable form. Just mention that authentication happens via resulting user DN and String password obtained by the callback handler.

Suggestions for improvement:
Replace the step 2. with something like:
"The resulting user DN is authenticated by binding to the LDAP server using the user DN as a principal name and the password obtainded by the callback handler as the principal's credentials."
Comment 3 Ondrej Lukas 2015-08-21 07:56:16 UTC 
Verified in revision "n_1601531_login-module-reference_version_6.4_edition_1.0_release_0-revision_6805721" of https://access.stage.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-6.4/login-module-reference