Description

    This is followup on JBEAP-13445 fix.

    Book: development_guide
    Section:15.2. Configure Java Authorization Contract for Containers (JACC) Security:

    1.

    After this fix these commands are not valid anymore:

    /subsystem=elytron/policy=jacc:add(jacc-policy=[{name=jacc}])
    /subsystem=elytron/policy=policy-provider-a:add(custom-policy=[{name=policy-provider-a, class-name=MyPolicyProviderA, module=x.y.z}])
    

    And shuld be now

    /subsystem=elytron/policy=jacc:add(jacc-policy={})
    /subsystem=elytron/policy=policy-provider-a:add(custom-policy={class-name=MyPolicyProviderA, module=x.y.z})
    

    2.
    As default-policy is now deprecated and ignored, I suggest remove this paragraph:

    "The elytron subsystem provides a specific resource definition that can be used to configure a default Java policy provider. The subsystem allows you to define multiple policy providers but select a single one as the default:"

    After this fix only one of custom-policy and jacc-policy can be configured. Not both in one moment.

    3. default-policy is referenced also in A.3. Policy Provider Properties, which is also not true anymore
    "The name of a default policy provider. If this is not specified then the name of the resource will be used. "

    In model description we have
    "deprecated" =>

    { "since" => "1.2.0", "reason" => "The 'default-policy' attribute is ignored, as a policy resource should be configured with only one policy." }

    ,

    Attachments

      Issue Links

        Activity

          People

            rhn-engineering-nchaudha Nidhi Chaudhary
            mchoma@redhat.com Martin Choma
            Martin Choma Martin Choma
            Martin Choma Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: