Google Git
Sign in
apache / directory-fortress-enmasse / 32329996c0422aa3571a20ecabb7361a8e837d51^! / .
commit32329996c0422aa3571a20ecabb7361a8e837d51[log] [tgz]
authorShawn McKinney <smckinney@apache.org>Wed Apr 24 11:06:59 2019 -0500
committerShawn McKinney <smckinney@apache.org>Wed Apr 24 11:06:59 2019 -0500
treec210f54be481db224a557a8361544fb9ee607cf3
parent1da709e29d9fa52d0bfbe22570a436af9a119271 [diff]
describe the policy load files

diff --git a/README-SECURITY-MODEL.md b/README-SECURITY-MODEL.md
index abb5bae..bdbad1d 100644
--- a/README-SECURITY-MODEL.md
+++ b/README-SECURITY-MODEL.md

@@ -139,15 +139,15 @@
 ## 5. Java EE security and Apache CXF *SimpleAuthorizingInterceptor* policy load
 
  a. The policy load file in this section performs the following:
-  * Creates an RBAC role, *fortress-rest-user* for Java EE simple role check (described earlier). See [web.xml](src/main/webapp/WEB-INF/web.xml).
-  * Create the roles for corresponding Apache CXF **SimpleAuthorizingInterceptor** checks (also described earlier). See [FortressInterceptor](src/main/java/org/apache/directory/fortress/rest/FortressInterceptor.java).
+  * Creates an RBAC Role, *fortress-rest-user* for Java EE simple role check (described earlier). See [web.xml](src/main/webapp/WEB-INF/web.xml).
+  * Create the RBAC Role forcorresponding Apache CXF **SimpleAuthorizingInterceptor** checks (also described earlier). See [FortressInterceptor](src/main/java/org/apache/directory/fortress/rest/FortressInterceptor.java).
     * For example...
-    * Users assigned to *fortress-rest-admin-user* have access to every RBAC admin service.
-    * "        "        *fortress-rest-review-user* have access to every RBAC review services.
+    * Users assigned to *fortress-rest-admin-user* have access to every RBAC admin service. e.g. addUser, addRole, addPermission
+    * "        "        *fortress-rest-review-user* have access to every RBAC review services. e.g. readUser, readRole, readPermission
     * "        "        *fortress-rest-deladmin-user* have access to every ARBAC admin services.
     * etc...
   * Create an RBAC Role, *fortress-rest-power-user*, and make it the child of every other RBAC role.
-    * Users assigned to this role have access to every service.
+    * Users assigned to this Role have access to every service.
   * Create a test user, *demoUser4*, assign to *fortress-rest-power-user* RBAC role.
 
  b. Execute the policy load [FortressRestServerPolicy](./src/main/resources/FortressRestServerPolicy.xml) into LDAP:
@@ -156,7 +156,7 @@
  mvn install -Dload.file=src/main/resources/FortressRestServerPolicy.xml
  ```
 
- c. Now demoUser4 may execute every service and pass the JavaEE and Apache CXF interceptor checks.
+ c. Now *demoUser4* may execute every service and pass the JavaEE and Apache CXF interceptor checks.
 
 ## 6. ARBAC policy load