Spring Security / SEC-1122

Incorrect description of AuthorityGranter/JaasAuthenticationProvider actions

    Details

    • Type: Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: Docs and Website
    • Labels:
      None

      Description

      In section 15.2.2. JAAS AuthorityGranter of the Spring Security Reference Documentation 2.0.x:

      Where it is:
      An AuthorityGranter is responsible for inspecting a JAAS principal and returning a String. The JaasAuthenticationProvider then creates a JaasGrantedAuthority (which implements Spring Security's GrantedAuthority interface) containing both the AuthorityGranter-returned String and the JAAS principal that the AuthorityGranter was passed.

      It should be:
      An AuthorityGranter is responsible for inspecting a JAAS principal and returning a set of Strings each one representing the name of a role assigned to the JAAS principal. For each role, the JaasAuthenticationProvider then creates a JaasGrantedAuthority (which implements Spring Security's GrantedAuthority interface) containing both the AuthorityGranter-returned role name and the JAAS principal that the AuthorityGranter was passed.

        Activity

        Luke Taylor added a comment -

        Thanks for the report. I've changed the docs, without the direct reference to "roles", as the authority strings don't necessarily have to represent roles.
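
        The behaviour the corrected text describes, as an added example that is not part of this issue or of the Spring Security reference. It assumes Spring Security 3.x or later on the classpath (where these classes live in `org.springframework.security.authentication.jaas`); the principal types, the group mapping and the `toAuthorities` helper are hypothetical.

```java
import java.security.Principal;
import java.util.*;
import org.springframework.security.authentication.jaas.AuthorityGranter;
import org.springframework.security.authentication.jaas.JaasGrantedAuthority;

public class GroupAuthorityGranterDemo {
    // Hypothetical principal types, standing in for what a JAAS LoginModule adds to the Subject.
    record UserPrincipal(String name) implements Principal {
        public String getName() { return name; }
    }
    record GroupPrincipal(String name) implements Principal {
        public String getName() { return name; }
    }

    // Constructed mapping from group name to authority strings (which need not be roles).
    static final Map<String, Set<String>> GROUP_AUTHORITIES = Map.of(
        "ops", Set.of("ROLE_OPERATOR", "PERM_RESTART_SERVICE"),
        "audit", Set.of("ROLE_AUDITOR"));

    static class GroupAuthorityGranter implements AuthorityGranter {
        @Override
        public Set<String> grant(Principal principal) {
            // Match on principal type as well as name: a *user* named "ops" must not
            // pick up the authorities of the *group* "ops".
            if (!(principal instanceof GroupPrincipal)) return null;
            return GROUP_AUTHORITIES.get(principal.getName()); // null for unmapped groups
        }
    }

    // Mirrors what the text says the provider does: one JaasGrantedAuthority per
    // returned string, each keeping the principal the granter was passed.
    static List<JaasGrantedAuthority> toAuthorities(AuthorityGranter granter, List<Principal> principals) {
        List<JaasGrantedAuthority> result = new ArrayList<>();
        for (Principal p : principals) {
            Set<String> granted = granter.grant(p);
            if (granted == null) continue; // this granter grants nothing for p
            for (String authority : granted) {
                result.add(new JaasGrantedAuthority(authority, p));
            }
        }
        return result;
    }

    public static void main(String[] args) {
        List<Principal> principals = List.of(
            new UserPrincipal("ops"), new GroupPrincipal("ops"), new GroupPrincipal("guests"));
        for (JaasGrantedAuthority a : toAuthorities(new GroupAuthorityGranter(), principals)) {
            System.out.println(a.getAuthority() + " <- " + a.getPrincipal());
        }
    }
}
```

        Only the `GroupPrincipal` named "ops" yields authorities here, one `JaasGrantedAuthority` per string; the user principal with the same name and the unmapped group yield none.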


          People

          • Assignee:
            Luke Taylor
            Reporter:
            José Santos
          • Votes:
            0
            Watchers:
            0
