Bug 961328 - Mistakes in Security Guide (in section 16 and Reference)
Mistakes in Security Guide (in section 16 and Reference)
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: GA
: EAP 6.2.0
Assigned To: Scott Mumford
Russell Dickenson
: Documentation
Depends On:
  Show dependency treegraph
Reported: 2013-05-09 08:25 EDT by Ondrej Lukas
Modified: 2014-08-14 11:25 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Instance Name: Not Defined Build: CSProcessor Builder Version 1.8 Build Name: 13944, Security Guide-6.1-1 Build Date: 19-04-2013 15:46:54
Last Closed: 2013-12-15 11:23:40 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ondrej Lukas 2013-05-09 08:25:33 EDT
16. Authentication and Authorization
There are two duplicated parts. Part 16.1. is same as 6.3. and part 16.4. is same as 14.5., one of them should be removed. 

16.5. Java Authorization Contract for Containers (JACC)
In Example 16.2., there is three times wrong used "s:" in end tag definition, it should be removed (</security-domain> instead of </s:security-domain> etc.)

In Table A.2. Client Module Options, there is ">" in restore-login-identity option, it should be removed ("restore-login-identity" instead of ">restore-login-identity")
In Table A.6. CertificateUsers Module Options, there should be "hashCharset" instead of "hashCharSet" in options
In Table A.16. Ldap Module Options, there is in options used rolesAttributeID, rolesAttributeIsDN and rolesNameAttributeID. However, right name contain "role" instead of "roles", it should be roleAttributeID, roleAttributeIsDN and roleNameAttributeID.
In Table A.25. ConfiguredIdentity Module Options, there is option principal and it has guest as a default value, but option principal hasn't default value. It should be changed to none.
In Table A.29. PropertiesUsers Module Options, PropertiesUsersLoginModule hasn't option properties. I'm not sure, but I think it should be removed.

A.5. jboss-web.xml Configuration Reference 
There is wrong web.ml in "Many of the available settings map requirements set in the application's web.ml to local resources." It should be web.xml.
Comment 1 Scott Mumford 2013-05-29 00:13:07 EDT
The above issues have been corrected.

The corrections should be visible in the next version on the Docs stage (after revision 1.0-1)

Note: I couldn't find the problematic text in Table A.29. Is it still present?
Comment 2 Scott Mumford 2013-05-29 00:44:42 EDT
Amendment: The duplication issues have not be corrected as the problem seems to be more widespread than the instances mentioned here.

A separate bug will likely be created to deal with these duplications. A link will be posted here for QA purposes.
Comment 3 FIlip Bogyai 2013-06-19 07:23:29 EDT
Please change the status to ON_QA when fixed 6.1.1 and 6.2 documentation will be available on stage. We cannot verify changes if it isn't there.
Comment 4 Scott Mumford 2013-09-18 22:36:55 EDT
The corrections have been made and are viewable at: http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/6.2/html/Security_Guide/index.html

(the duplicate sections have not been removed as the nature of topic-based authoring means that readers may not progress linearly through the book)
Comment 5 Josef Cacek 2013-09-20 07:43:28 EDT
Verification failed:

- the duplication of sections (16.1 and 16.4) is not resolved and no link to other tracking BZ is provided

- the problem is still in table A.29:
The PropertiesUsers login module subclasses UsersRoles login module and it supports only following options: usersProperties, defaultUsersProperties

Other issues seems to be fixed.
Comment 6 Scott Mumford 2013-09-23 19:12:16 EDT
Thanks Josef

As mentioned earlier, the duplication of topics is a by-product of non-linear production/consumption practices and is not inherently problematic (only topics duplicated in obvious error need be highlighted).

Table A.29 has been removed from the document.

Moving ticket to MODIFIED pending re-stage. Will progress to ON_QA when available for review.

Note You need to log in before you can comment on or make changes to this bug.