Update project.version, fix some typos.

wmhopkins · wmhopkins · commit b754108b6cd4 · 2017-05-25T17:52:03.000-04:00
diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
 
     <groupId>javax.security</groupId>
     <artifactId>javax.security-spec</artifactId>
-    <version>1.0-m04-prd</version>
+    <version>1.0-m05-SNAPSHOT</version>
     <packaging>pom</packaging>
 
     <name>EE Security API Specification</name>
diff --git a/src/main/doc/authenticationMechanism.asciidoc b/src/main/doc/authenticationMechanism.asciidoc
@@ -238,9 +238,9 @@ All of the built-in beans MUST support authentication using _IdentityStore_, as
 
 ==== Implementation Notes ====
 
-The Servlet spec, section 14.4 item 18, describes requirements for supporting BASIC and BASIC authentication via the web.xml _login-config_ element. This specification requires that implementations of BASIC and BASIC be made available as _HttpAuthenticationMechanism_ CDI beans. The servlet container is NOT REQUIRED to implement separate and independent mechanisms to satisfy each requirement. Instead, the container MAY choose to provide a single mechanism, for each of BASIC and BASIC, that meets the requirements of both specifications; i.e., an implementation that can be configured via _login-config_, but which is also made available as an _HttpAuthenticationMechanism_ if the application uses the corresponding annotation. Equally, the container is NOT REQUIRED to provide a unified implementation, and MAY satisfy the two requirements using separate, independent implementations.
+The Servlet spec, section 14.4 item 18, describes requirements for supporting BASIC and FORM authentication via the web.xml _login-config_ element. This specification requires that implementations of BASIC and FORM be made available as _HttpAuthenticationMechanism_ CDI beans. The servlet container is NOT REQUIRED to implement separate and independent mechanisms to satisfy each requirement. Instead, the container MAY choose to provide a single mechanism, for each of BASIC and FORM, that meets the requirements of both specifications; i.e., an implementation that can be configured via _login-config_, but which is also made available as an _HttpAuthenticationMechanism_ if the application uses the corresponding annotation. Equally, the container is NOT REQUIRED to provide a unified implementation, and MAY satisfy the two requirements using separate, independent implementations.
 
-An implementation of BASIC or BASIC is NOT REQUIRED to support _IdentityStore_ when configured via _login-config_, regardless of whether the container has provided a single mechanism or separate mechanisms to satisfy the _login-config_ and _HttpAuthenticationMechanism_ requirements. Implementations MAY support _IdentityStore_ for all configuration methods.
+An implementation of BASIC or FORM is NOT REQUIRED to support _IdentityStore_ when configured via _login-config_, regardless of whether the container has provided a single mechanism or separate mechanisms to satisfy the _login-config_ and _HttpAuthenticationMechanism_ requirements. Implementations MAY support _IdentityStore_ for all configuration methods.
 
 ==== Custom FORM Notes ====
 
diff --git a/src/main/doc/identityStore.asciidoc b/src/main/doc/identityStore.asciidoc
@@ -155,7 +155,7 @@ _IdentityStore_ is intended primarily for use by _HttpAuthenticationMechanism_ i
 
 A significant advantage of using _HttpAuthenticationMechanism_ and _IdentityStore_ over container-provided BASIC or FORM implementations is that it allows an application to control the identity stores it will authenticate against, in a standard, portable way.
 
-An _IdentityStore_ is expected to perform only perform context- and environment-independent processing (for example, verifying usernames and passwords and returning caller data). _IdentityStore_ should provide a pure _{credentials in, caller data out}_ function. It should not directly interact with the caller, or attempt to examine request context or application state.
+An _IdentityStore_ is expected to perform only context- and environment-independent processing (for example, verifying usernames and passwords and returning caller data). It should provide a pure _{credentials in, caller data out}_ function. An _IdentityStore_ should not directly interact with the caller, or attempt to examine request context or application state.
 
 The _IdentityStoreHandler_ interface defines a mechanism for invoking on _IdentityStore_ to validate a user credential. An _HttpAuthenticationMechanism_ (or other caller) should not interact directly with an _IdentityStore_, but instead invoke the _IdentityStoreHandler_ to validate credentials. The _IdentityStoreHandler_, in turn, invokes on the _IdentityStore_. An _IdentityStoreHandler_ can also orchestrate an authentication across multiple _IdentityStore_ instances, returning an aggregated result.
 
