From 22c1faa74f98ddfddbf003d259474b61ad6b9774 Mon Sep 17 00:00:00 2001 From: arjantijms Date: Thu, 11 Jul 2019 17:19:01 +0200 Subject: [PATCH 1/2] #118 Change project name to Jakarta Security Signed-off-by: arjantijms --- CONTRIBUTING.md | 2 +- README.md | 10 +++++----- pom.xml | 9 ++++++--- .../javax/security/enterprise/SecurityContext.java | 2 +- .../java/javax/security/enterprise/package-info.java | 6 +++--- 5 files changed, 16 insertions(+), 13 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8014a05..189a1ba 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -4,7 +4,7 @@ Thanks for your interest in this project. ## Project description -The Java EE security provides a set of required security functionalities +Jakarta Security provides a set of required security functionalities including authentication, authorization, data integrity, and transport security. * https://projects.eclipse.org/projects/ee4j.es diff --git a/README.md b/README.md index f7b9587..28c966a 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,13 @@ -# JSR-375 API Code Repository +# Jakarta Security -This repository contains the code for the Java EE Security API (JSR-375). +This repository contains the code for Jakarta Security. [Online JavaDoc](https://javadoc.io/doc/javax.security.enterprise/javax.security.enterprise-api/) Building -------- -JSR 375 API can be built by executing the following from the project root: +Jakarta Security can be built by executing the following from the project root: ``mvn clean package`` 
@@ -18,7 +18,7 @@ Making Changes To make changes, fork this repository, make your changes, and submit a pull request. -About JSR-375 +About Jakarta Security ------------- -For more information about JSR-375, see the project web site at [https://javaee.github.io/security-spec/](https://javaee.github.io/security-spec/). +For more information about Jakarta Security, see the project web site at [github.com/eclipse-ee4j/security-api](https://github.com/eclipse-ee4j/security-api). diff --git a/pom.xml b/pom.xml index 3204b6b..a080c2d 100644 --- a/pom.xml +++ b/pom.xml @@ -31,8 +31,11 @@ 1.0.2-SNAPSHOT bundle - Enterprise Security API - Security API for Java EE Applications + Jakarta Security + + Jakarta Security defines a standard for creating secure Jakarta EE applications in modern application paradigms. + It defines an overarching (end-user targeted) Security API for Jakarta EE Applications. + 2015 @@ -181,7 +184,7 @@ ${spec.implementation.version} ${spec.specification.version} - EE Security API ${spec.version} Specification + Jakarta Security ${spec.version} Specification Oracle Corporation ${project.organization.name} diff --git a/src/main/java/javax/security/enterprise/SecurityContext.java b/src/main/java/javax/security/enterprise/SecurityContext.java index bd8e471..ed31f8d 100644 --- a/src/main/java/javax/security/enterprise/SecurityContext.java +++ b/src/main/java/javax/security/enterprise/SecurityContext.java @@ -27,7 +27,7 @@ /** * The SecurityContext provides an access point for programmatic security; an injectable type that is intended to be - * used by application code to query and interact with the Java EE Security API. + * used by application code to query and interact with Jakarta Security. * *

* Unless otherwise indicated, this type must be usable in all Java EE containers, specifically the Servlet diff --git a/src/main/java/javax/security/enterprise/package-info.java b/src/main/java/javax/security/enterprise/package-info.java index b5d42e7..3b2c91c 100644 --- a/src/main/java/javax/security/enterprise/package-info.java +++ b/src/main/java/javax/security/enterprise/package-info.java @@ -15,7 +15,7 @@ */ /** - * The main Java EE Security API package. This package contains classes and interfaces that span authentication, + * The main Jakarta Security package. This package contains classes and interfaces that span authentication, * authorization and identity concerns. * *

EL Support in annotations

@@ -24,7 +24,7 @@ * *

...Definition annotations

* - * The Java EE Security API features several annotations, with names that end with Definition, + * Jakarta Security features several annotations, with names that end with Definition, * which, when used, make CDI beans available. For completeness, this concerns the following annotations: * *
    @@ -57,7 +57,7 @@ * *

    Interceptor annotations

    * - * The Java EE Security API features several annotations with attributes that denote interceptor spec interceptors. + * Jakarta Security features several annotations with attributes that denote interceptor spec interceptors. * For completeness, this concerns the following annotations: * *
      From bd2883fee9776765bd9c3ba821fa0cfb4233f254 Mon Sep 17 00:00:00 2001 From: arjantijms Date: Fri, 12 Jul 2019 00:21:57 +0200 Subject: [PATCH 2/2] #124 Prepare Jakarta Security for Jakarta EE 8 Release * Updated project name * Update acronyms * Update references to other specifications * Remove references to JCP process Signed-off-by: arjantijms --- .../enterprise/AuthenticationException.java | 7 ++- .../enterprise/AuthenticationStatus.java | 26 ++++---- .../security/enterprise/SecurityContext.java | 14 ++--- .../mechanism/http/AutoApplySession.java | 4 +- .../http/HttpAuthenticationMechanism.java | 15 ++--- .../mechanism/http/HttpMessageContext.java | 20 +++---- .../mechanism/http/LoginToContinue.java | 2 +- .../mechanism/http/RememberMe.java | 51 +++++++--------- .../credential/RememberMeCredential.java | 2 +- .../enterprise/credential/package-info.java | 4 +- .../DatabaseIdentityStoreDefinition.java | 12 ++-- .../identitystore/IdentityStore.java | 4 +- .../identitystore/IdentityStoreHandler.java | 9 +-- .../LdapIdentityStoreDefinition.java | 46 +++++++------- .../RememberMeIdentityStore.java | 2 +- .../identitystore/package-info.java | 6 +- .../security/enterprise/package-info.java | 60 ++++++++++--------- 17 files changed, 140 insertions(+), 144 deletions(-) diff --git a/src/main/java/javax/security/enterprise/AuthenticationException.java b/src/main/java/javax/security/enterprise/AuthenticationException.java index 3a45a59..eed0ec5 100644 --- a/src/main/java/javax/security/enterprise/AuthenticationException.java +++ b/src/main/java/javax/security/enterprise/AuthenticationException.java 
@@ -23,9 +23,10 @@ /** * A generic authentication exception. * - * This exception corresponds to the JASPIC (JSR 196) AuthException in that whenever a method - * from the {@link HttpAuthenticationMechanism} throws this exception, the JASPIC bridge - * has to throw an AuthException back to the JASPIC runtime wrapping this exception. + * This exception corresponds to the Jakarta Authentication AuthException in that whenever a + * method from the {@link HttpAuthenticationMechanism} throws this exception, the Jakarta Authentication + * bridge has to throw an AuthException back to the Jakarta Authentication runtime wrapping + * this exception. * */ public class AuthenticationException extends GeneralSecurityException { diff --git a/src/main/java/javax/security/enterprise/AuthenticationStatus.java b/src/main/java/javax/security/enterprise/AuthenticationStatus.java index 40235a8..003dcae 100644 --- a/src/main/java/javax/security/enterprise/AuthenticationStatus.java +++ b/src/main/java/javax/security/enterprise/AuthenticationStatus.java @@ -26,7 +26,7 @@ * *

      * For the result from {@link HttpAuthenticationMechanism#validateRequest(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.security.enterprise.authentication.mechanism.http.HttpMessageContext)} - * an AuthenticationStatus must be transformed by the Java EE server into the corresponding JASPIC (JSR 196) AuthStatus + * an AuthenticationStatus must be transformed by the Jakarta EE server into the corresponding Jakarta Authentication AuthStatus * according to the following rules: * *

        @@ -37,13 +37,13 @@ *
      * *

      - * After the transformation as outlined above the transformed result has to be processed by the Java EE server as - * specified by the Servlet Container Profile of the JASPIC 1.1 spec (chapter 3). + * After the transformation as outlined above the transformed result has to be processed by the Jakarta EE server as + * specified by the Servlet Container Profile of the Jakarta Authentication spec. * *

      - * Implementation note: while the JASPIC Servlet Container Profile is the authoritative + * Implementation note: while the Jakarta Authentication Servlet Container Profile is the authoritative * source on how to process the AuthStatus.SUCCESS result and this specification puts no constraints - * of any kind on that, the expectation is that Java EE servers in practice will mainly look at the + * of any kind on that, the expectation is that Jakarta EE servers in practice will mainly look at the * result being AuthStatus.SUCCESS or not AuthStatus.SUCCESS. Simply said, if the result is * AuthStatus.SUCCESS the authenticated identity (if any) must be set (established) for the current HTTP request, * otherwise not. @@ -51,7 +51,7 @@ *

      * The return value of {@link SecurityContext#authenticate(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters)} * , which is also of type AuthenticationStatus, strongly relates to the outcome of the HttpAuthenticationMechanism#validateRequest - * method as described above, but must be transformed by the Java EE server from the corresponding outcome of the + * method as described above, but must be transformed by the Jakarta EE server from the corresponding outcome of the * {@link HttpServletRequest#authenticate(javax.servlet.http.HttpServletResponse)} call as follows: * *

        @@ -65,9 +65,9 @@ * the value returned by HttpAuthenticationMechanism#validateRequest. * *

        - * When a JASPIC ServerAuthModule (SAM) was used and an HttpAuthenticationMechanism was not used - * Java EE servers are encouraged, but not required, to set [last status] to the value returned by - * ServerAuthModule#validateRequest transformed as follows: + * When a Jakarta Authentication ServerAuthModule (SAM) was used and an HttpAuthenticationMechanism + * was not used Jakarta EE servers are encouraged, but not required, to set [last status] + * to the value returned by ServerAuthModule#validateRequest transformed as follows: * *

          *
        • AuthStatus.SEND_CONTINUE to AuthenticationStatus.SEND_CONTINUE
        • @@ -77,9 +77,9 @@ *
        * *

        - * When a Java EE Server proprietary identity store equivalent was used and an + * When a Jakarta EE Server proprietary identity store equivalent was used and an * HttpAuthenticationMechanism was not used - * Java EE servers are encouraged, but not required, to set [last status] to a value + * Jakarta EE servers are encouraged, but not required, to set [last status] to a value * that logically corresponds to the description of each enum constant of AuthenticationStatus. This outcome * should never be depended on by application code as being portable. * @@ -108,13 +108,13 @@ public enum AuthenticationStatus { /** * The authentication mechanism was called and the caller was successfully authenticated. After the - * Java EE server has processed this outcome, the caller principal is available. + * Jakarta EE server has processed this outcome, the caller principal is available. */ SUCCESS, /** * The authentication mechanism was called but the caller was not successfully authenticated and - * therefor the caller principal will not be made available. + * therefore the caller principal will not be made available. *

        * Note that this status should be used to indicate a logical problem (such as a credential not matching or a caller * ID that can not be found). Exceptions should be used for system level problems (such as a database connection timing out). diff --git a/src/main/java/javax/security/enterprise/SecurityContext.java b/src/main/java/javax/security/enterprise/SecurityContext.java index ed31f8d..d5cfde0 100644 --- a/src/main/java/javax/security/enterprise/SecurityContext.java +++ b/src/main/java/javax/security/enterprise/SecurityContext.java @@ -30,8 +30,8 @@ * used by application code to query and interact with Jakarta Security. * *

        - * Unless otherwise indicated, this type must be usable in all Java EE containers, specifically the Servlet - * and EJB containers. + * Unless otherwise indicated, this type must be usable in all Jakarta EE containers, specifically the Jakarta Servlet + * and Jakarta Enterprise Beans containers. * * */ @@ -69,14 +69,14 @@ public interface SecurityContext { * If the caller is not authenticated, this always returns false. * *

        - * This method can not be used to test for roles that are mapped to specific named Servlets or - * named EJB beans. For a Servlet an example of this would be the role-name nested in a + * This method can not be used to test for roles that are mapped to specific named Jakarta Servlets or + * named Jakarta Enterprise Beans. For a Servlet an example of this would be the role-name nested in a * security-role-ref element nested in a servlet element in web.xml. * *

        - * Should code in either such Servlet or EJB bean wish to take such mapped (aka referenced, linked) roles into - * account, the facilities for that specific container should be used instead. For instance for Servlet that would - * be {@link HttpServletRequest#isUserInRole(String)} and for EJB beans that would be + * Should code in either such Jakarta Servlet or Jakarta Enterprise Bean wish to take such mapped (aka referenced, linked) + * roles into account, the facilities for that specific container should be used instead. For instance for Servlet that + * would be {@link HttpServletRequest#isUserInRole(String)} and for Jakarta Enterprise Beans that would be * {@link SessionContext#isCallerInRole(String)}. * * diff --git a/src/main/java/javax/security/enterprise/authentication/mechanism/http/AutoApplySession.java b/src/main/java/javax/security/enterprise/authentication/mechanism/http/AutoApplySession.java index 154f39b..880ae39 100644 --- a/src/main/java/javax/security/enterprise/authentication/mechanism/http/AutoApplySession.java +++ b/src/main/java/javax/security/enterprise/authentication/mechanism/http/AutoApplySession.java @@ -32,10 +32,10 @@ * and auto applies this for every request. * *

        - * See the JASPIC 1.1 specification section 3.8.4 for further details on javax.servlet.http.registerSession. + * See the Jakarta Authentication spec for further details on javax.servlet.http.registerSession. * *

        - * This support is provided via an implementation of an interceptor spec interceptor that conducts the + * This support is provided via an implementation of a Jakarta Interceptors interceptor that conducts the * necessary logic. * *

        diff --git a/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpAuthenticationMechanism.java b/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpAuthenticationMechanism.java index 9251364..f793717 100644 --- a/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpAuthenticationMechanism.java +++ b/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpAuthenticationMechanism.java @@ -32,17 +32,18 @@ * credentials in some way, using the HTTP protocol where necessary. * *

        - * This is used to help in securing Servlet endpoints, including - * endpoints that may be build on top of Servlet like JAX-RS endpoints and JSF views. - * It specifically is not used for endpoints such as remote EJB beans or (JMS) message driven beans. + * This is used to help in securing Jakarta Servlet endpoints, including + * endpoints that may be build on top of Jakarta Servlets like Jakarta RESTful Web Services endpoints and + * Jakarta Faces views. It specifically is not used for endpoints such as remote Jakarta Enterprise Beans + * or (Jakarta Messaging) message driven beans. * *

        - * A HttpAuthenticationMechanism is essentially a Servlet specific and CDI enabled version of - * the {@link ServerAuthModule} that adheres to the Servlet Container Profile. See the JASPIC spec for further - * details on this. + * A HttpAuthenticationMechanism is essentially a Jakarta Servlet specific and CDI enabled version of + * the {@link ServerAuthModule} that adheres to the Servlet Container Profile. See the Jakarta Authentication spec for + * further details on this. * *

        - * Implementations of this class can notify the Servlet container about a successful authentication by using the + * Implementations of this class can notify the Jakarta Servlet container about a successful authentication by using the * {@link HttpMessageContext#notifyContainerAboutLogin(java.security.Principal, java.util.Set)} method. * *

        diff --git a/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.java b/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.java index 133cd75..7b57368 100644 --- a/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.java +++ b/src/main/java/javax/security/enterprise/authentication/mechanism/http/HttpMessageContext.java @@ -39,9 +39,9 @@ public interface HttpMessageContext { /** - * Checks if the currently requested resource is protected or not. A protected resource - * is a resource (e.g. a Servlet, JSF page, JSP page etc) for which a constraint has been defined - * in e.g. web.xml. + * Checks if the currently requested resource is protected or not. A protected resource is a resource (e.g. a Jakarta + * Servlet, Jakarta Faces page, Jakarta Server Pages page etc) for which a constraint has been defined in e.g. + * web.xml. * * @return true if a protected resource was requested, false if a public resource was requested. */ @@ -79,8 +79,8 @@ public interface HttpMessageContext { * Convenience method to clean the subject associated with this context. * *

        - * Cleaning this subject is done as defined by the Servlet Container Profile of JASPIC - * (JSR 196) for the ServerAuthModule#cleanSubject method and the + * Cleaning this subject is done as defined by the Servlet Container Profile of Jakarta Authentication + * for the ServerAuthModule#cleanSubject method and the * {@link HttpAuthenticationMechanism#cleanSubject(HttpServletRequest, HttpServletResponse, HttpMessageContext)} * method defined by this specification. */ @@ -94,8 +94,8 @@ public interface HttpMessageContext { AuthenticationParameters getAuthParameters(); /** - * Returns the low level JSR 196 handler that the runtime provided when creating this {@link HttpMessageContext}, - * and which this context uses to communicate the authentication details to the runtime. + * Returns the low level Jakarta Authentication handler that the runtime provided when creating this + * {@link HttpMessageContext}, and which this context uses to communicate the authentication details to the runtime. * *

        * Note: This is a low level object that most higher level code would not need to use directly. @@ -105,7 +105,7 @@ public interface HttpMessageContext { CallbackHandler getHandler(); /** - * Returns the the low level JSR 196 message info instance for the current request. + * Returns the the low level Jakarta Authentication message info instance for the current request. * *

        * Note: This is a low level object that most higher level code would not need to use directly. @@ -179,7 +179,7 @@ public interface HttpMessageContext { AuthenticationStatus redirect(String location); /** - * Forwards to another resource (servlet, JSP file, or HTML file) on the server. + * Forwards to another resource (Jakarta Servlet, Jakarta Server Pages file, or HTML file) on the server. * *

        * As a convenience this method returns SEND_CONTINUE, so this method can be used in @@ -297,7 +297,7 @@ public interface HttpMessageContext { * Instructs the container to "do nothing". * *

        - * When intending to do nothing, a JSR 375 authentication mechanism has to indicate this + * When intending to do nothing, a Jakarta Security authentication mechanism has to indicate this * explicitly via its return value. * *

        diff --git a/src/main/java/javax/security/enterprise/authentication/mechanism/http/LoginToContinue.java b/src/main/java/javax/security/enterprise/authentication/mechanism/http/LoginToContinue.java index 5eeb9fb..1223d4c 100644 --- a/src/main/java/javax/security/enterprise/authentication/mechanism/http/LoginToContinue.java +++ b/src/main/java/javax/security/enterprise/authentication/mechanism/http/LoginToContinue.java @@ -157,7 +157,7 @@ public String errorPage() { boolean useForwardToLogin() default true; /** - * EL expression variant of useForwardToLogin(). + * Jakarta Expression Language expression variant of useForwardToLogin(). * The expression needs to evaluate to a boolean outcome. All named CDI beans are available * to the expression. If both this attribute and useForwardToLogin() are specified, this * attribute take precedence. diff --git a/src/main/java/javax/security/enterprise/authentication/mechanism/http/RememberMe.java b/src/main/java/javax/security/enterprise/authentication/mechanism/http/RememberMe.java index 185845c..95eec55 100644 --- a/src/main/java/javax/security/enterprise/authentication/mechanism/http/RememberMe.java +++ b/src/main/java/javax/security/enterprise/authentication/mechanism/http/RememberMe.java @@ -67,7 +67,7 @@ * * *

        - * EL expressions in attributes of type String are evaluated for every request requiring + * Jakarta Expression Language expressions in attributes of type String are evaluated for every request requiring * authentication. Both immediate and deferred syntax is supported, but effectively the semantics * are always deferred. * @@ -263,13 +263,11 @@ public String isRememberMeExpression() { int cookieMaxAgeSeconds() default 86400; // 1 day /** - * EL expression variant of cookieMaxAgeSeconds(). - * The expression needs to evaluate to an integer outcome. All named CDI beans are available to the expression - * as well as default classes as specified by EL 3.0 for the {@link ELProcessor} - * and the implicit objects "self" which refers to the interceptor target and - * "httpMessageContext" which refers to the current {@link HttpMessageContext}. - * If both this attribute and cookieMaxAgeSeconds() are specified, this - * attribute takes precedence. + * Jakarta Expression Language expression variant of cookieMaxAgeSeconds(). The expression needs to + * evaluate to an integer outcome. All named CDI beans are available to the expression as well as default classes as + * specified by Jakarta Expression Language 3.0 for the {@link ELProcessor} and the implicit objects "self" which refers + * to the interceptor target and "httpMessageContext" which refers to the current {@link HttpMessageContext}. If both + * this attribute and cookieMaxAgeSeconds() are specified, this attribute takes precedence. * * @return an expression evaluating to an integer designating the max age in seconds for the remember me cookie. */ 
@@ -289,13 +287,11 @@ public String isRememberMeExpression() { boolean cookieSecureOnly() default true; /** - * EL expression variant of cookieSecureOnly(). - * The expression needs to evaluate to a boolean outcome. All named CDI beans are available to the expression - * as well as default classes as specified by EL 3.0 for the {@link ELProcessor} - * and the implicit objects "self" which refers to the interceptor target and - * "httpMessageContext" which refers to the current {@link HttpMessageContext}. - * If both this attribute and cookieSecureOnly() are specified, this - * attribute takes precedence. + * Jakarta Expression Language expression variant of cookieSecureOnly(). The expression needs to evaluate + * to a boolean outcome. All named CDI beans are available to the expression as well as default classes as specified by + * Jakarta Expression Language 3.0 for the {@link ELProcessor} and the implicit objects "self" which refers to the + * interceptor target and "httpMessageContext" which refers to the current {@link HttpMessageContext}. If both this + * attribute and cookieSecureOnly() are specified, this attribute takes precedence. * * @return an expression evaluating to an integer designating the max age in seconds for the remember me cookie. */ 
@@ -315,13 +311,11 @@ public String isRememberMeExpression() { boolean cookieHttpOnly() default true; /** - * EL expression variant of cookieHttpOnly(). - * The expression needs to evaluate to a boolean outcome. All named CDI beans are available to the expression - * as well as default classes as specified by EL 3.0 for the {@link ELProcessor} - * and the implicit objects "self" which refers to the interceptor target and - * "httpMessageContext" which refers to the current {@link HttpMessageContext}. - * If both this attribute and cookieHttpOnly() are specified, this - * attribute takes precedence. + * Jakarta Expression Language expression variant of cookieHttpOnly(). The expression needs to evaluate to + * a boolean outcome. All named CDI beans are available to the expression as well as default classes as specified by + * Jakarta Expression Language 3.0 for the {@link ELProcessor} and the implicit objects "self" which refers to the + * interceptor target and "httpMessageContext" which refers to the current {@link HttpMessageContext}. If both this + * attribute and cookieHttpOnly() are specified, this attribute takes precedence. * * @return an expression evaluating to true if the cookie should be sent only with HTTP requests , false otherwise. */ 
@@ -347,14 +341,13 @@ public String isRememberMeExpression() { boolean isRememberMe() default true; /** - * EL expression to determine if remember me should be used. This is evaluated - * for every request requiring authentication. The expression needs to evaluate - * to a boolean outcome. All named CDI beans are available to the expression - * as well as default classes as specified by EL 3.0 for the {@link ELProcessor} - * and the implicit objects "self" which refers to the interceptor target and - * "httpMessageContext" which refers to the current {@link HttpMessageContext}. + * Jakarta Expression Language expression to determine if remember me should be used. This is evaluated for every + * request requiring authentication. The expression needs to evaluate to a boolean outcome. All named CDI beans are + * available to the expression as well as default classes as specified by Jakarta Expression Language 3.0 for the + * {@link ELProcessor} and the implicit objects "self" which refers to the interceptor target and "httpMessageContext" + * which refers to the current {@link HttpMessageContext}. * - * @return EL expression to determine if remember me should be used + * @return Jakarta Expression Language expression to determine if remember me should be used * */ @Nonbinding diff --git a/src/main/java/javax/security/enterprise/credential/RememberMeCredential.java b/src/main/java/javax/security/enterprise/credential/RememberMeCredential.java index 40ab71b..e23195a 100644 --- a/src/main/java/javax/security/enterprise/credential/RememberMeCredential.java +++ b/src/main/java/javax/security/enterprise/credential/RememberMeCredential.java @@ -18,7 +18,7 @@ /** * RememberMeCredential represents a credential presented as a token, - * for the explicit usage with the JSR 375 provided remember me function. + * for the explicit usage with the Jakarta Security provided remember me function. * */ public class RememberMeCredential implements Credential { 
diff --git a/src/main/java/javax/security/enterprise/credential/package-info.java b/src/main/java/javax/security/enterprise/credential/package-info.java index eea7a43..d92cfc7 100644 --- a/src/main/java/javax/security/enterprise/credential/package-info.java +++ b/src/main/java/javax/security/enterprise/credential/package-info.java @@ -15,8 +15,8 @@ */ /** - * The Identity Store Credential API package. This package - * contains classes and interfaces associated with submitting credentials. + * The Identity Store Credential API package. This package contains classes and + * interfaces associated with submitting credentials. * * @version 1.0 */ diff --git a/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java b/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java index 808ea7b..551c11a 100644 --- a/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java +++ b/src/main/java/javax/security/enterprise/identitystore/DatabaseIdentityStoreDefinition.java @@ -117,7 +117,7 @@ * Algorithm.param2=32 * *

        - * This attribute supports immediate EL expressions (${} syntax) for both the + * This attribute supports immediate Jakarta Expression Language expressions (${} syntax) for both the * parameterValue as well as for a full array element. If an EL * expression is used for a full array element, the expression must evaluate * to either a single string, a string array or a string {@link Stream} where @@ -135,10 +135,10 @@ int priority() default 70; /** - * Allow priority to be specified as an EL expression. - * If set, overrides any value set with priority. + * Allow priority to be specified as a Jakarta Expression Language expression. + * If set, overrides any value set with priority. * - * @return the priority EL expression + * @return the priority Jakarta Expression Language expression */ String priorityExpression() default ""; @@ -150,10 +150,10 @@ ValidationType[] useFor() default {VALIDATE, PROVIDE_GROUPS}; /** - * Allow useFor to be specified as an EL expression. + * Allow useFor to be specified as an Jakarta Expression Language expression. * If set, overrides any value set with useFor. * - * @return the useFor EL expression + * @return the useFor Jakarta Expression Language expression */ String useForExpression() default ""; diff --git a/src/main/java/javax/security/enterprise/identitystore/IdentityStore.java b/src/main/java/javax/security/enterprise/identitystore/IdentityStore.java index 2ecdb10..487058c 100644 --- a/src/main/java/javax/security/enterprise/identitystore/IdentityStore.java +++ b/src/main/java/javax/security/enterprise/identitystore/IdentityStore.java 
@@ -34,8 +34,8 @@ /** * IdentityStore is a mechanism for validating a caller's credentials * and accessing a caller's identity attributes. It can be used by an - * authentication mechanism, such as a JSR 375 {@link HttpAuthenticationMechanism} - * or a JSR 196 (JASPIC) {@link ServerAuthModule}. + * authentication mechanism, such as a Jakarta Security {@link HttpAuthenticationMechanism} + * or a Jakarta Authentication {@link ServerAuthModule}. *

        * Stores which do only validation or only group lookup are allowed. *

        diff --git a/src/main/java/javax/security/enterprise/identitystore/IdentityStoreHandler.java b/src/main/java/javax/security/enterprise/identitystore/IdentityStoreHandler.java index 131df4b..52448f4 100644 --- a/src/main/java/javax/security/enterprise/identitystore/IdentityStoreHandler.java +++ b/src/main/java/javax/security/enterprise/identitystore/IdentityStoreHandler.java @@ -26,14 +26,15 @@ * a set of one or more {@link IdentityStore}s. *

        * It is intended for use by an authentication mechanism, such as an - * {@link HttpAuthenticationMechanism} (JSR 375) or a {@link ServerAuthModule} - * (JSR 196/JASPIC). + * {@link HttpAuthenticationMechanism} (Jakarta Security) or a {@link ServerAuthModule} + * (Jakarta Authentication). *

        * Beans should inject only this handler, and not {@link IdentityStore} * directly, as multiple stores may exist. *

        - * Implementations of JSR 375 must supply a default implementation of {@code IdentityStoreHandler} - * that behaves as described in the JSR 375 specification document. + * Implementations of Jakarta Security must supply a default implementation of + * {@code IdentityStoreHandler} that behaves as described in the Jakarta Security + * specification document. * Applications do not need to supply an {@code IdentityStoreHandler} * unless application-specific behavior is desired. */ diff --git a/src/main/java/javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.java b/src/main/java/javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.java index c7b20f6..bfc30be 100644 --- a/src/main/java/javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.java +++ b/src/main/java/javax/security/enterprise/identitystore/LdapIdentityStoreDefinition.java @@ -63,7 +63,7 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } *

        * This user needs search permission in the LDAP for persons and/or groups. *

        - * E.g.: uid=ldap,ou=apps,dc=jsr375,dc=net + * E.g.: uid=ldap,ou=apps,dc=eclipse,dc=net * * @return The distinguished name for the application user. */ @@ -79,7 +79,7 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } /** * Base distinguished name for callers in the LDAP store - * (e.g., "ou=caller,dc=jsr375,dc=net"). + * (e.g., "ou=caller,dc=eclipse,dc=net"). *

        * When this member value is specified, and callerSearchBase is not, direct binding is attempted. *

        @@ -105,7 +105,7 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } * The following gives an example in ldif format: *

              * 
        -     * dn: uid=peter,ou=caller,dc=jsr375,dc=net
        +     * dn: uid=peter,ou=caller,dc=eclipse,dc=net
              * objectclass: top
              * objectclass: uidObject
              * objectclass: person
        @@ -122,7 +122,7 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE }
         
             /**
              * Search base for looking up callers
        -     * (e.g., "ou=caller,dc=jsr375,dc=net").
        +     * (e.g., "ou=caller,dc=eclipse,dc=net").
              * 

        * Overrides callerBaseDn, if configured, causing caller search * to be used instead of direct binding. @@ -150,16 +150,16 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } LdapSearchScope callerSearchScope() default LdapSearchScope.SUBTREE; /** - * Allow callerSearchScope to be specified as an EL expression. + * Allow callerSearchScope to be specified as a Jakarta Expression Language expression. * If set, overrides any value set with callerSearchScope. * - * @return the callerSearchScope EL expression + * @return the callerSearchScope Jakarta Expression Language expression */ String callerSearchScopeExpression() default ""; /** * Search base for looking up groups - * (e.g., "ou=group,dc=jsr375,dc=net"). + * (e.g., "ou=group,dc=eclipse,dc=net"). *

        * Needed only for a store that performs group lookup. * Requires that the bindDn member be filled in. @@ -186,10 +186,10 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } LdapSearchScope groupSearchScope() default LdapSearchScope.SUBTREE; /** - * Allow groupSearchScope to be specified as an EL expression. + * Allow groupSearchScope to be specified as a Jakarta Expression Language expression. * If set, overrides any value set with groupSearchScope. * - * @return the groupSearchScope EL expression + * @return the groupSearchScope Jakarta Expression Language expression */ String groupSearchScopeExpression() default ""; @@ -210,12 +210,12 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } * entry in ldif format: *

              * 
        -     * dn: cn=foo,ou=group,dc=jsr375,dc=net
        +     * dn: cn=foo,ou=group,dc=eclipse,dc=net
              * objectclass: top
              * objectclass: groupOfNames
              * cn: foo
        -     * member: uid=pete,ou=caller,dc=jsr375,dc=net
        -     * member: uid=john,ou=caller,dc=jsr375,dc=net
        +     * member: uid=pete,ou=caller,dc=eclipse,dc=net
        +     * member: uid=john,ou=caller,dc=eclipse,dc=net
              * 
              * 
        * @@ -240,14 +240,14 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } * entry in ldif format: *
              * 
        -     * dn: uid=peter,ou=caller,dc=jsr375,dc=net
        +     * dn: uid=peter,ou=caller,dc=eclipse,dc=net
              * objectclass: top
              * objectclass: uidObject
              * objectclass: person
              * uid: peter
              * cn: Peter Smith
        -     * memberOf: cn=foo,ou=group,dc=jsr375,dc=net
        -     * memberOf: cn=bar,ou=group,dc=jsr375,dc=net
        +     * memberOf: cn=foo,ou=group,dc=eclipse,dc=net
        +     * memberOf: cn=bar,ou=group,dc=eclipse,dc=net
              * 
              * 
        * @@ -268,10 +268,10 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } int readTimeout() default 0; /** - * Allow readTimeout to be specified as an EL expression. + * Allow readTimeout to be specified as an Jakarta Expression Language expression. * If set, overrides any value set with readTimeout. * - * @return The readTimeout EL expression + * @return The readTimeout Jakarta Expression Language expression */ String readTimeoutExpression() default ""; @@ -292,10 +292,10 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } int maxResults() default 1000; /** - * Allow maxResults to be specified as an EL expression. + * Allow maxResults to be specified as Jakarta Expression Language expression. * If set, overrides any value set with maxResults. * - * @return The maxResults EL expression + * @return The maxResults Jakarta Expression Language expression */ String maxResultsExpression() default ""; @@ -306,10 +306,10 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } int priority() default 80; /** - * Allow priority to be specified as an EL expression. + * Allow priority to be specified as a Jakarta Expression Language expression. * If set, overrides any value set with priority. * - * @return The priority EL expression + * @return The priority Jakarta Expression Language expression */ String priorityExpression() default ""; @@ -321,10 +321,10 @@ enum LdapSearchScope { ONE_LEVEL, SUBTREE } ValidationType[] useFor() default {VALIDATE, PROVIDE_GROUPS}; /** - * Allow useFor to be specified as an EL expression. + * Allow useFor to be specified as a Jakarta Expression Language expression. * If set, overrides any value set with useFor. * - * @return The useFor EL expression + * @return The useFor Jakarta Expression Language expression */ String useForExpression() default ""; diff --git a/src/main/java/javax/security/enterprise/identitystore/RememberMeIdentityStore.java b/src/main/java/javax/security/enterprise/identitystore/RememberMeIdentityStore.java index 3aeb285..9025fe7 100644 
--- a/src/main/java/javax/security/enterprise/identitystore/RememberMeIdentityStore.java +++ b/src/main/java/javax/security/enterprise/identitystore/RememberMeIdentityStore.java @@ -31,7 +31,7 @@ * *

        * This is not intended to be directly used by an authentication mechanism such as - * the JSR 375 {@link HttpAuthenticationMechanism} or the JSR 196 (JASPIC) + * the Jakarta Security {@link HttpAuthenticationMechanism} or the Jakarta Authentication * {@link ServerAuthModule}. Instead, the interceptor implementation backing the * {@link RememberMe} annotation is intended to use this. * diff --git a/src/main/java/javax/security/enterprise/identitystore/package-info.java b/src/main/java/javax/security/enterprise/identitystore/package-info.java index 111a4cd..c7dcb4a 100644 --- a/src/main/java/javax/security/enterprise/identitystore/package-info.java +++ b/src/main/java/javax/security/enterprise/identitystore/package-info.java @@ -15,10 +15,8 @@ */ /** - * The identity store API package. This package - * contains classes and interfaces associated with the - * identity store, which validate a Caller's - * credentials and access a Caller's identity attributes. + * The identity store API package. This package contains classes and interfaces associated with the identity store, + * which validate a Caller's credentials and access a Caller's identity attributes. * * @version 1.0 */ diff --git a/src/main/java/javax/security/enterprise/package-info.java b/src/main/java/javax/security/enterprise/package-info.java index 3b2c91c..27e4070 100644 --- a/src/main/java/javax/security/enterprise/package-info.java +++ b/src/main/java/javax/security/enterprise/package-info.java @@ -15,50 +15,52 @@ */ /** - * The main Jakarta Security package. This package contains classes and interfaces that span authentication, + * The main Jakarta Security package. This package contains classes and interfaces that span authentication, * authorization and identity concerns. * *

        EL Support in annotations

        * - * This specification supports the use of expression language 3.0 in annotations. This is described in more detail below: + * This specification supports the use of expression language 3.0 in annotations. This is described in more detail + * below: * *

        ...Definition annotations

        * - * Jakarta Security features several annotations, with names that end with Definition, - * which, when used, make CDI beans available. For completeness, this concerns the following annotations: + * Jakarta Security features several annotations, with names that end with Definition, which, when used, + * make CDI beans available. For completeness, this concerns the following annotations: * - *
          - *
        • {@link javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition}
        • - *
        • {@link javax.security.enterprise.identitystore.LdapIdentityStoreDefinition}
        • - *
        • {@link javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition}
        • - *
        • {@link javax.security.enterprise.authentication.mechanism.http.CustomFormAuthenticationMechanismDefinition}
        • - *
        • {@link javax.security.enterprise.authentication.mechanism.http.FormAuthenticationMechanismDefinition}
        • - *
        - * - * For all attributes of type String on these annotations, Expression Language 3.0 expressions can be used. - * All named CDI beans are available to that expression, as well as the default classes as specified by EL 3.0 for the - * {@link ELProcessor}. + *
          + *
        • {@link javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition}
        • + *
        • {@link javax.security.enterprise.identitystore.LdapIdentityStoreDefinition}
        • + *
        • {@link javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition}
        • + *
        • {@link javax.security.enterprise.authentication.mechanism.http.CustomFormAuthenticationMechanismDefinition}
        • + *
        • {@link javax.security.enterprise.authentication.mechanism.http.FormAuthenticationMechanismDefinition}
        • + *
        + * + * For all attributes of type String on these annotations, Jakarta Expression Language 3.0 expressions can + * be used. All named CDI beans are available to that expression, as well as the default classes as specified by + * Expression Language 3.0 for the {@link ELProcessor}. * *

        * Expressions can be either immediate (${} syntax), or deferred (#{} syntax). Immediate - * expressions are evaluated once when the bean instance corresponding to the "...Definition" annotation is actually created. - * Since such beans are application scoped, that means once for the entire application. Deferred expressions are evaluated in - * each request where the security runtime needs to use the value of these attributes. + * expressions are evaluated once when the bean instance corresponding to the "...Definition" annotation is actually + * created. Since such beans are application scoped, that means once for the entire application. Deferred expressions + * are evaluated in each request where the security runtime needs to use the value of these attributes. * *

        - * Attributes that are documented as being EL alternatives to non-String type - * attributes (attributes for which the name ends with Expression, hereafter called EL alternative attribute) - * MUST evaluate to the same type as the attribute they are an alternative to. If the EL alternative attribute has a - * non empty value, it takes precedence over the attribute which it is an alternative to. + * Attributes that are documented as being Expression Language alternatives to non-String type attributes + * (attributes for which the name ends with Expression, hereafter called Expression alternative attribute) MUST + * evaluate to the same type as the attribute they are an alternative to. If the Expression alternative attribute has a non + * empty value, it takes precedence over the attribute which it is an alternative to. * *

        - * The EL alternative attribute MUST contain a valid EL expression. Attributes of type string that are not EL alternative - * attributes can contain either an expression or a string value that is not an expression. + * The Expression alternative attribute MUST contain a valid Expression Language expression. Attributes of type + * string that are not Expression alternative attributes can contain either an expression or a string value + * that is not an expression. * - *

        Interceptor annotations

        + *

        Jakarta Interceptors annotations

        * - * Jakarta Security features several annotations with attributes that denote interceptor spec interceptors. - * For completeness, this concerns the following annotations: + * Jakarta Security features several annotations with attributes that denote Jakarta Interceptors. For completeness, + * this concerns the following annotations: * *
          *
        • {@link javax.security.enterprise.authentication.mechanism.http.LoginToContinue}
        • @@ -66,8 +68,8 @@ *
        * *

        - * Expression language is supported for these annotations as well, but in a slightly different way. - * See the javadoc of both these annotations for how the expression language support differs. + * Expression Language is supported for these annotations as well, but in a slightly different way. See the javadoc of + * both these annotations for how the expression language support differs. * * @version 1.0 */
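Review bot: In LdapIdentityStoreDefinition.java, hunk @@ -63,7 +63,7 @@, the sample bind DN becomes "uid=ldap,ou=apps,dc=eclipse,dc=net", which swaps one project-specific suffix for another. Documentation DNs tend to be copied into deployment configuration, so consider a reserved documentation domain such as "dc=example,dc=org" here and in the other base-DN and LDIF examples this patch touches. That also means the Javadoc would not need another rename later.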
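Review bot: In the groupOfNames LDIF example (LdapIdentityStoreDefinition.java, hunk @@ -210,12 +210,12 @@), the rewritten line "member: uid=pete,ou=caller,dc=eclipse,dc=net" does not match the caller entry "dn: uid=peter,ou=caller,dc=eclipse,dc=net" used in the other two LDIF examples. Since the line is being edited anyway, change it to "uid=peter" so the group member resolves to the caller shown elsewhere in the same Javadoc.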
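Review bot: In LdapIdentityStoreDefinition.java, hunk @@ -268,10 +268,10 @@ (readTimeoutExpression), the new Javadoc reads "to be specified as an Jakarta Expression Language expression". The article was carried over from "an EL expression" and should now be "a Jakarta Expression Language expression", matching the callerSearchScopeExpression and groupSearchScopeExpression hunks above it.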
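Review bot: In LdapIdentityStoreDefinition.java, hunk @@ -292,10 +292,10 @@ (maxResultsExpression), the replacement line drops the article: "Allow maxResults to be specified as Jakarta Expression Language expression." It should read "as a Jakarta Expression Language expression", like the priorityExpression and useForExpression hunks that follow.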
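Review bot: In javax/security/enterprise/package-info.java, hunk @@ -15,50 +15,52 @@, the rename is only partly applied, so the same Javadoc now uses four spellings for one technology: the unchanged heading "EL Support in annotations", the re-wrapped but otherwise unchanged "expression language 3.0", the new "Jakarta Expression Language 3.0", and plain "Expression Language 3.0" before {@link ELProcessor}. The closing paragraph likewise capitalises "Expression Language is supported" but keeps "how the expression language support differs". Pick one form (the LdapIdentityStoreDefinition hunks use "Jakarta Expression Language") and apply it throughout, including the heading. Separately, the first -/+ pair ("The main Jakarta Security package. ...") appears to differ only in whitespace; if so, say that in the commit message or drop it to keep the rename diff minimal.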