Hi,
The tools seem fine for now, but shouldn't there
be some markers or annotations present in the source
spec document?
For example, take authorization, assertion 4:
<assertion required = "true" impl-spec =
"false" defined-by = "technology" status =
"active" testable = "true">
<id>4</id>
<description>
Each Policy provider that satisfies this
contract must perform or delegate to another
provider
all the permission evaluations requested
via its interface in the JRE; not just those made
by the container to
implement Jakarta EE security
functionality.
</description>
Now in the spec document we have:
=== Requirements
. This contract must support providers that are
unable to determine, before returning from
`Policy.getPermissions()`,
all the permissions that pertain to a
subject/protection domain.
. Each Policy provider that satisfies this
contract must perform or delegate to another
provider all the permission
evaluations requested via its interface in the
JRE; not just those made by the container to
implement
Jakarta EE security functionality.
. Each provider must export interfaces (defined
by this contract) for use by containers and or
container deployment
tools to create policy statements within the
policy store of the provider. These interfaces
must be used when an
application or module is deployed in a
container.
I think the assumption is that there's a marker,
annotation or tag involving "4" around the second
list item. But it's not there. Meaning, the tools
can't extract that paragraph automatically and put
it in an XML file with the ID 4.
Now I wonder, was the original document marked in
some way and didn't this marking or tag transfer, or
am I just totally missing something?
Kind regards,
Arjan