Maintenance Review 2 for JSR-000196 JavaTM Authentication Service Provider Interface for Containers

Changes made throughout the Document

  • Changed the version of the specification from 1.0 to 1.1.

  • Replaced Sun logo with Oracle Logo

  • Removed paragraph tags from PDF bookmarks


Updated The License

Changes to Preface

Changed document Status

Added Names of new contributors

Changes to Servlet Container Profile

As resolution for issue JASPIC_SPEC-1, in Section 3.2, "Application Context Identifier", defined Standard ApContextID generation.


Changes to Appendix B, Issues

Changes to Appendix D, API

  • As part of resolution for JASPIC_SPEC-2 and JASPIC_SPEC-11, in abstract "AuthConfigFactory" class, made public the static permissions that are used to protect the static getFactory and setFactory methods, and improved documentation so users of the SPI can know which permissions are used. Also added an additional public providerRegistrationSecurityPermission and required that it be used by factory implementations to protect methods like registerConfigProvider. Removed incorrect assertion from javadoc of getFactory, both forms of registerConfigProvider, and refresh, that checked AuthException could be thrown (by these methods). Changed the javadoc of these four methods to indicate that the conditions for which they were expected to throw an AuthException should instead be handled within their existing declarations of throwing an (unchecked) SecurityException. Regenerated (mif) javadocs (embedded in spec) from html javadocs, which corrected definition for layer and appContext parameters of getConfigProvider. Javadoc, patch file

  • As part of resolution for JASPIC_SPEC-2, in "AuthConfigProvider" interface, removed incorrect assertion from javadoc of refresh method that checked AuthException could be thrown, and changed javadoc to indicate that the conditions for which refresh was expected to throw an AuthException should instead be handled within its existing declaration of throwing an (unchecked) SecurityException. Javadoc, patch file

  • As part of resolution for JASPIC_SPEC-2, in "AuthConfig" interfaces, made same changes as to AuthConfigProvider interface. Javadoc, patch file