diff --git a/SUMMARY.adoc b/SUMMARY.adoc index e21f518cc6..d2cdf13982 100755 --- a/SUMMARY.adoc +++ b/SUMMARY.adoc @@ -11,15 +11,15 @@ .. link:topics/getting-started/hello-world/overview.adoc[Securing a Servlet Application] - ... link:topics/getting-started/hello-world/create-realm.adoc[Creating a Realm] + ... link:topics/getting-started/hello-world/create-realm.adoc[Creating a Realm and a User] ... link:topics/getting-started/hello-world/create-resource-server.adoc[Enabling Authorization Services] - ... link:topics/getting-started/hello-world/deploy.adoc[Build, Deploy, and Test] + ... link:topics/getting-started/hello-world/deploy.adoc[Build, Deploy, and Test Your Application] .. link:topics/example/overview.adoc[Examples] - {% endif %} - +{% endif %} + . link:topics/resource-server/overview.adoc[Managing Resource Servers] .. link:topics/resource-server/create-client.adoc[Creating a Client Application] @@ -28,9 +28,9 @@ .. link:topics/resource-server/default-config.adoc[Default Configuration] - .. link:topics/resource-server/import-config.adoc[Exporting and Importing Authorization Configuration] + .. link:topics/resource-server/import-config.adoc[Export and Import Authorization Configuration] - . link:topics/resource/overview.adoc[Managing Resources] + . link:topics/resource/overview.adoc[Managing Resources and Scopes] .. link:topics/resource/view.adoc[Viewing Resources] @@ -58,11 +58,11 @@ . link:topics/permission/overview.adoc[Managing Permissions] - .. link:topics/permission/create-resource.adoc[Creating Resource-based Permissions] + .. link:topics/permission/create-resource.adoc[Creating Resource-Based Permissions] ... link:topics/permission/typed-resource-permission.adoc[Typed Resource Permissions] - .. link:topics/permission/create-scope.adoc[Creating Scope-based Permissions] + .. link:topics/permission/create-scope.adoc[Creating Scope-Based Permissions] .. link:topics/permission/decision-strategy.adoc[Policy Decision Strategies] diff --git a/topics/getting-started/hello-world/deploy.adoc b/topics/getting-started/hello-world/deploy.adoc index 5bc917e58e..315972639c 100644 --- a/topics/getting-started/hello-world/deploy.adoc +++ b/topics/getting-started/hello-world/deploy.adoc @@ -1,5 +1,5 @@ [[_getting_started_hello_world_deploy]] -=== Building, Deploying, and Testing Your Application +=== Build, Deploy, and Test Your Application Now that the *hello-world-authz-service* resource server (or client) is properly configured and authorization services are enabled, it can be deployed to the server. diff --git a/topics/getting-started/hello-world/overview.adoc b/topics/getting-started/hello-world/overview.adoc index 05ee53ec62..935f679fa5 100644 --- a/topics/getting-started/hello-world/overview.adoc +++ b/topics/getting-started/hello-world/overview.adoc @@ -1,5 +1,5 @@ [[_getting_started_hello_world_overview]] -=== Hello World +=== Securing a Servlet Application The purpose of this getting started guide is to get you up and running as quickly as possible so that you can experiment with and test various authorization features provided by {{book.project.name}}. This quick tour relies heavily on the default database and server configurations and does not cover complex deployment options. diff --git a/topics/permission/create-resource.adoc b/topics/permission/create-resource.adoc index 9f3d5555fc..dbae915e06 100755 --- a/topics/permission/create-resource.adoc +++ b/topics/permission/create-resource.adoc @@ -1,5 +1,5 @@ [[_permission_create_resource]] -=== Creating Resource-based Permissions +=== Creating Resource-Based Permissions A resource-based permission defines a set of one or more resources to protect using a set of one or more authorization policies. diff --git a/topics/permission/create-scope.adoc b/topics/permission/create-scope.adoc index e7dcd6e7a5..bf31989bea 100755 --- a/topics/permission/create-scope.adoc +++ b/topics/permission/create-scope.adoc @@ -1,5 +1,5 @@ [[_permission_create_scope]] -=== Creating Scope-based Permissions +=== Creating Scope-Based Permissions A scope-based permission defines a set of one or more scopes to protect using a set of one or more authorization policies. Unlike resource-based permissions, you can use this permission type to create permissions not only for a resource, but also for the scopes associated with it, providing more granularity when defining the permissions that govern your resources and the actions that can be performed on them. diff --git a/topics/policy-evaluation-tool/overview.adoc b/topics/policy-evaluation-tool/overview.adoc index 68335918a9..1b97738a00 100755 --- a/topics/policy-evaluation-tool/overview.adoc +++ b/topics/policy-evaluation-tool/overview.adoc @@ -1,5 +1,5 @@ [[_policy_evaluation_overview]] -== Policy Evaluation Tool +== Evaluating and Testing Policies When designing your policies, you can simulate authorization requests to test how your policies are being evaluated. diff --git a/topics/policy/aggregated-policy.adoc b/topics/policy/aggregated-policy.adoc index e3580f565a..de48c2decf 100755 --- a/topics/policy/aggregated-policy.adoc +++ b/topics/policy/aggregated-policy.adoc @@ -1,5 +1,5 @@ [[_policy_aggregated]] -=== Aggregated Policies +=== Aggregated Policy As mentioned previously, {{book.project.name}} allows you to build a policy of policies, a concept referred to as policy aggregation. You can use policy aggregation to reuse existing policies to build more complex ones and keep your permissions even more decoupled from the policies that are evaluated during the processing of authorization requests. diff --git a/topics/policy/evaluation-api.adoc b/topics/policy/evaluation-api.adoc index a5432ceaba..8c83ef4e4b 100755 --- a/topics/policy/evaluation-api.adoc +++ b/topics/policy/evaluation-api.adoc @@ -1,5 +1,5 @@ [[_policy_evaluation_api]] -=== Evaluation API +=== Policy Evaluation API When writing rule-based policies using JavaScript or JBoss Drools, {{book.project.name}} provides an Evaluation API that provides useful information to help determine whether a permission should be granted. diff --git a/topics/resource-server/import-config.adoc b/topics/resource-server/import-config.adoc index c4fa5af87b..4bfb32b038 100755 --- a/topics/resource-server/import-config.adoc +++ b/topics/resource-server/import-config.adoc @@ -1,5 +1,5 @@ [[_resource_server_import_config]] -=== Exporting and Importing Configuration Files +=== Export and Import Authorization Configuration The configuration settings for a resource server (or client) can be exported and downloaded. You can also import an existing configuration file for a resource server. Importing and exporting a configuration file is helpful when you want to create an initial configuration for a resource server or to update an existing configuration. The configuration file contains definitions for: diff --git a/topics/service/authorization/whatis-obtain-aat.adoc b/topics/service/authorization/whatis-obtain-aat.adoc index d8378dbdd2..c8d8319bab 100755 --- a/topics/service/authorization/whatis-obtain-aat.adoc +++ b/topics/service/authorization/whatis-obtain-aat.adoc @@ -1,5 +1,5 @@ [[_service_authorization_aat]] -=== Authorization API Token +=== What is a AAT and How to Obtain It An authorization API token (AAT) is a special OAuth2 access token with the scope *uma_authorization*. When you create a user, {{book.project.name}} automatically assigns the role _uma_authorization_ to the user. The _uma_authorization_ role is a default realm role. diff --git a/topics/service/client-api.adoc b/topics/service/client-api.adoc index df31a59795..b93c58f745 100755 --- a/topics/service/client-api.adoc +++ b/topics/service/client-api.adoc @@ -1,5 +1,5 @@ [[_service_client_api]] -=== Authorization Client API +=== Authorization Client Java API If you are using Java, you can access all {{book.project.name}} {{book.project.module}} using a client API. diff --git a/topics/service/protection/resources-api-papi.adoc b/topics/service/protection/resources-api-papi.adoc index 27628ad85e..07768517eb 100755 --- a/topics/service/protection/resources-api-papi.adoc +++ b/topics/service/protection/resources-api-papi.adoc @@ -1,5 +1,5 @@ [[_service_protection_resources_api]] -=== Managing Resources Using the Protection API +=== Managing Resources Resource servers can manage their resources remotely using a UMA-compliant endpoint. diff --git a/topics/service/protection/whatis-obtain-pat.adoc b/topics/service/protection/whatis-obtain-pat.adoc index a7113a730e..3c51353371 100755 --- a/topics/service/protection/whatis-obtain-pat.adoc +++ b/topics/service/protection/whatis-obtain-pat.adoc @@ -1,5 +1,5 @@ [[_service_protection_whatis_obtain_pat]] -=== What is a PAT and How to Obtain It? +=== What is a PAT and How to Obtain It A *protection API token* (PAT) is a special OAuth2 access token with a scope defined as *uma_protection*. When you create a resource server, {{book.project.name}} automatically creates a role, _uma_protection_, for the corresponding client application and associates it with the client's service account.