diff --git a/api/src/main/java/jakarta/security/auth/message/config/AuthConfigFactory.java b/api/src/main/java/jakarta/security/auth/message/config/AuthConfigFactory.java index c43de12..d976f01 100644 --- a/api/src/main/java/jakarta/security/auth/message/config/AuthConfigFactory.java +++ b/api/src/main/java/jakarta/security/auth/message/config/AuthConfigFactory.java @@ -401,7 +401,24 @@ public static synchronized void setFactory(AuthConfigFactory factory) { * *
* This will override any other modules that have already been registered, either via proprietary
- * means or using the standard API.
+ * means or using the standard API. The ServerAuthModule
is removed, via a call to
+ * removeServerAuthModule
when the context associated with the profile specific context object ends.
+ *
+ *
+ * Note that this method is a convenience method that can be used instead of registerConfigProvider
,
+ * but should ultimately have the same effect. That is, the layer
and appContext
parameters
+ * are generated from the context object, and the ServerAuthModule
is wrapped by an implementation
+ * specific AuthConfigProvider
, which are then used to call registerConfigProvider
or an
+ * internal method with the same effect. The returned registration ID is then associated with the profile specific
+ * context object, and also returned from this method.
+ *
+ *
+ * A "profile specific context object" is for example the ServletContext
in the
+ * Servlet Container Profile. The context associated with this ServletContext
ends
+ * when for example the application corresponding to it is undeployed. Association of the
+ * registration ID with the ServletContext
simply means calling the setAttribute
+ * method on the ServletContext
, with the registration ID as value. (The name attribute has not been
+ * standardised in this version of the specification)
*
* @param serverAuthModule the ServerAuthModule
instance to be registered
* @param context the profile specific context of the application for which the module is registered
@@ -423,7 +440,6 @@ public static synchronized void setFactory(AuthConfigFactory factory) {
*/
public abstract void removeServerAuthModule(Object context);
-
/**
* Remove the identified provider registration from the factory (and from the persistent declarative representation of
* provider registrations, if appropriate) and invoke any listeners associated with the removed registration.