FC-275 - some java doc cleanup
diff --git a/src/main/java/org/apache/directory/fortress/core/ant/Addconfig.java b/src/main/java/org/apache/directory/fortress/core/ant/Addconfig.java
index ae23a9f..1f98786 100755
--- a/src/main/java/org/apache/directory/fortress/core/ant/Addconfig.java
+++ b/src/main/java/org/apache/directory/fortress/core/ant/Addconfig.java
@@ -26,7 +26,7 @@
/**
* The class is used by {@link FortressAntTask} to load {@link ConfigAnt}s used to drive
- * {@link org.apache.directory.fortress.core.ConfigMgr#add(Configuration).
+ * {@link org.apache.directory.fortress.core.ConfigMgr#add(Configuration)}.
* It is not intended to be callable by programs outside of the Ant load utility. The class name itself maps to the xml tag
* used by load utility.
* <p>
diff --git a/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java b/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java
index 819ee22..0c0c06e 100755
--- a/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java
@@ -52,7 +52,7 @@
* <br>The unique key to locate AdminRole entity (which is subsequently assigned both to Users and administrative Permissions) is AdminRole#name.<br>
* <p>
* There is a many-to-many relationship between User's, Administrative Roles and Administrative Permissions.
- * {@link org.apache.directory.fortress.core.model.User}*<->*{@link AdminRole}*<->*{@link org.apache.directory.fortress.core.model.Permission}
+ * {@link org.apache.directory.fortress.core.model.User}*-*{@link AdminRole}*-*{@link org.apache.directory.fortress.core.model.Permission}
* Example to create new ARBAC AdminRole:
* <p>
* <code>AdminRole myRole = new AdminRole("MyRoleName");</code><br>
diff --git a/src/main/java/org/apache/directory/fortress/core/model/OrgUnit.java b/src/main/java/org/apache/directory/fortress/core/model/OrgUnit.java
index 8deaf6e..9a0514b 100755
--- a/src/main/java/org/apache/directory/fortress/core/model/OrgUnit.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/OrgUnit.java
@@ -67,10 +67,10 @@
* </ol>
* <p>
* There is a Many-to-One relationship between a User and OrgUnit.
- * <h3>{@link User}*<->1 {@link OrgUnit}</h3>
+ * <h3>{@link User}*-1 {@link OrgUnit}</h3>
* <p>
* There is a Many-to-One relationship between a {@link PermObj} object and {@link OrgUnit}.
- * <h3>{@link PermObj}*<->1 {@link OrgUnit}</h3>
+ * <h3>{@link PermObj}*-1 {@link OrgUnit}</h3>
* <p>
* Example to create new ARBAC User OrgUnit:
* <p>
diff --git a/src/main/java/org/apache/directory/fortress/core/model/Permission.java b/src/main/java/org/apache/directory/fortress/core/model/Permission.java
index 96b24fe..c404907 100755
--- a/src/main/java/org/apache/directory/fortress/core/model/Permission.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/Permission.java
@@ -114,7 +114,7 @@
* The object to operation pairings enable application resources to be mapped to Fortress permissions in a way that is
* natural for object oriented programming.
* </li>
- * <li>Permissions = Object {@link PermObj} 1<->* Operations {@link Permission}</li>
+ * <li>Permissions = Object {@link PermObj} 1-* Operations {@link Permission}</li>
* <li>Permissions in Fortress may also be assigned directly to {@link #users}.</li>
* <li>
* Objects {@link #objName}, Operations {@link #opName}, Roles {@link #roles}, Users {@link #users} are not case
diff --git a/src/main/java/org/apache/directory/fortress/core/model/UserAudit.java b/src/main/java/org/apache/directory/fortress/core/model/UserAudit.java
index 20a7409..c7fd33a 100755
--- a/src/main/java/org/apache/directory/fortress/core/model/UserAudit.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/UserAudit.java
@@ -111,7 +111,7 @@
* <ul>
* <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchInvalidUsers(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQENTRIES} == 0)
* <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchAuthZs(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQENTRIES == 0)
- * <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchBinds(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQRESULT >= 1)
+ * <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchBinds(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQRESULT gtr than 1)
* </ul>
*
* @return boolean if true will limit search to failed events.
@@ -128,7 +128,7 @@
* <ul>
* <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchInvalidUsers(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQENTRIES == 0)
* <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchAuthZs(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQENTRIES == 0)
- * <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchBinds(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQRESULT >= 1)
+ * <li>{@link org.apache.directory.fortress.core.impl.AuditMgrImpl#searchBinds(UserAudit)} maps to (org.apache.directory.fortress.core.impl.AuditDAO#REQRESULT gtr than or equal 1)
* </ul>
*
* @param failedOnly if boolean true search will limit to failed only.
diff --git a/src/main/java/org/apache/directory/fortress/core/package.html b/src/main/java/org/apache/directory/fortress/core/package.html
index fd59318..4a74d9c 100755
--- a/src/main/java/org/apache/directory/fortress/core/package.html
+++ b/src/main/java/org/apache/directory/fortress/core/package.html
@@ -22,11 +22,9 @@
<title>Package Documentation for org.apache.directory.fortress</title>
</head>
<body>
-<p>
This package contains public APIs that are used by Java programs to provide Access Management
functionality. The APIs are organized into categories or 'Managers'. Each manager controls a
specific area of functionality.
-
<h3>Managers</h3>
<ol>
<li>{@link org.apache.directory.fortress.core.AccessMgr} is used for RBAC runtime security checking</li>
@@ -40,7 +38,6 @@
</li>
<li>{@link org.apache.directory.fortress.core.ReviewMgr} is used to interrogate RBAC policy</li>
</ol>
-</p>
<p>
The <b>org.apache.directory.fortress</b> package provides managers, factories and exception classes that can be
thrown when
@@ -80,10 +77,10 @@
and maintenance of RBAC element sets and relations; administrative review functions for
performing administrative queries; and system functions for creating and managing
RBAC attributes on user sessions and making access control decisions.
-
<p/>
<h4>RBAC0 - Core</h4>
+<p>
Many-to-many relationship between Users, Roles and Permissions. Selective role activation into sessions. API to add,
update, delete identity data and perform identity and access control decisions during runtime operations.
<p/>
@@ -91,10 +88,10 @@
<h4>RBAC1 - General Hierarchical Roles</h4>
Simplifies role engineering tasks using inheritance of one or more parent roles.
-<p/>
<img src="./doc-files/RbacHier.png" alt="Hierarchical RBAC"/>
<h4>RBAC2 - Static Separation of Duty (SSD) Relations</h4>
+<p>
Enforce mutual membership exclusions across role assignments. Facilitate dual control policies by restricting which
roles may be assigned to users in combination. SSD provide added granularity for authorization limits which help
enterprises meet strict compliance regulations.
@@ -102,13 +99,12 @@
<img src="./doc-files/RbacSSD.png" alt="RBAC Static Separpation of Duties"/>
<h4>RBAC3 - Dynamic Separation of Duty (DSD) Relations</h4>
+<p>
Control allowed role combinations to be activated within an RBAC session. DSD policies fine tune role policies that
facilitate authorization dual control and two man policy restrictions during runtime security checks.
<p/>
<img src="./doc-files/RbacDSD.png" alt="RBAC Dynamic Separation of Duties"/>
-<p/>
-
<hr>
<h3>2. Administrative Role Based Access Control (ARBAC) description</h3>
@@ -120,8 +116,7 @@
administrative access control decisions.
<h4>ARBAC02 Diagram</h4>
<img src="./doc-files/ARbac.png" alt="ARBAC02"/>
-
-<p/>
+<p>
Fortress fully supports the Oh/Sandhu/Zhang ARBAC02 model for delegated administration.
ARBAC provides large enterprises the capability to delegate administrative authority to
users that reside outside of the security admin group.
@@ -160,13 +155,8 @@
<h4>Password Policy diagram</h4>
The following is an example of policies that can be configured. There is no limit to the number of different policies
that can be created and enforced.
-<p/>
<img src="./doc-files/PasswordPolicy.png" alt="Password Policies"/>
-<p/>
-
-<hr>
-
<h3>4. History and Audit trail using OpenLDAP</h3>
Provides an OpenLDAP access log retrieval mechanism that enables security event monitoring.
<ol>
@@ -179,9 +169,7 @@
<h4>Diagram of Audit Events</h4>
<img src="./doc-files/Audit.png" alt="Auditing"/>
-<p/>
All events include Fortress context, see {@code FortEntity}.
-<p/>
<h4>The following APIs generate events subsequently stored in this access log:</h4>
<ul>
<li> {@link org.apache.directory.fortress.core.AccessMgr}</li>
@@ -191,7 +179,6 @@
<li> {@link org.apache.directory.fortress.core.ConfigMgr}</li>
<li> {@link org.apache.directory.fortress.core.PwPolicyMgr}</li>
</ul>
-</p>
</body>
</html>
