* This will override any other modules that have already been registered, either via proprietary
- * means or using the standard API.
+ * means or using the standard API. The ServerAuthModule is removed, via a call to
+ * removeServerAuthModule when the context associated with the profile specific context object ends.
+ *
+ *
+ * Note that this method is a convenience method that can be used instead of registerConfigProvider,
+ * but should ultimately have the same effect. That is, the layer and appContext parameters
+ * are generated from the context object, and the ServerAuthModule is wrapped by an implementation
+ * specific AuthConfigProvider, which are then used to call registerConfigProvider or an
+ * internal method with the same effect. The returned registration ID is then associated with the profile specific
+ * context object, and also returned from this method.
+ *
+ *
+ * A "profile specific context object" is for example the ServletContext in the
+ * Servlet Container Profile. The context associated with this ServletContext ends
+ * when for example the application corresponding to it is undeployed. Association of the
+ * registration ID with the ServletContext simply means calling the setAttribute
+ * method on the ServletContext, with the registration ID as value. (The name attribute has not been
+ * standardised in this version of the specification)
*
* @param serverAuthModule the ServerAuthModule instance to be registered
* @param context the profile specific context of the application for which the module is registered
@@ -423,7 +440,6 @@ public static synchronized void setFactory(AuthConfigFactory factory) {
*/
public abstract void removeServerAuthModule(Object context);
-
/**
* Remove the identified provider registration from the factory (and from the persistent declarative representation of
* provider registrations, if appropriate) and invoke any listeners associated with the removed registration.