edits per review

#6821
OpenLiberty · Nov 30, 2023 · 00cfd59 · 00cfd59
1 parent 480598b
commit 00cfd59
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/modules/reference/pages/feature/appSecurity/examples.adoc b/modules/reference/pages/feature/appSecurity/examples.adoc
@@ -83,7 +83,7 @@ If the `ltpa` element does not specify the `authFilterRef` attribute, all reques
 
 [#tai]
 === Disable LTPA cookies for TAI
-LTPA cookies contain secure tokens that are used to verify user credentials and enable SSO. When you don't want to rely on LTPA tokens for SSO, you can use other methods, such as a Trust Association Interceptor (TAI), for authentication. A TAI is used to validate HTTP requests between a third-party security server and an Open Liberty server to complete authentication.  The following example shows how to disable LTPA cookies for TAI by specifying the `disableLtpaCookie` attribute with a value of `true` in the `server.xml` file:
+LTPA cookies contain secure tokens that are used to verify user credentials and enable SSO. When you don't want to rely on LTPA tokens for SSO, you can use other methods, such as a Trust Association Interceptor (TAI), for authentication. A TAI is used to validate HTTP requests between a third-party security server and an Open Liberty server to complete authentication. The following example shows how to disable LTPA cookies for TAI by specifying the `disableLtpaCookie` attribute with a value of `true` in the `server.xml` file:
 
 [source,xml]
 ----
@@ -112,9 +112,9 @@ To enable Open Liberty to use both primary keys and validation keys, specify the
 +
 The directory monitor looks for any LTPA keys files with the `*.keys` extension in the `${server.config.dir}/resources/security/` directory. Open Liberty reads the LTPA keys in these files and uses them to validate LTPA tokens.
 +
-The `monitorValidationKeysDir` attribute monitors the `${server.config.dir}/resources/security/` directory by default, but can monitor any directory the primary keys file is specified in. If the `monitorInterval` attribute is set to 0, the default value, the directory is not monitored.
+The `monitorValidationKeysDir` attribute monitors the `${server.config.dir}/resources/security/` directory by default, but can monitor any directory the primary keys file is specified in. Monitoring is enabled only when the `updateTrigger` attribute is set to `polled` (the default value) and the `monitorInterval` attribute is set to a duration greater than `0`. The default value of the `monitorInterval` attribute is 0.
 +
-Alternatively, you can specify the `validationKeys` subelement to specify a particular validation keys file. You can also remove the validation keys in this file from use at a particular date and time with the optional `validUntilDate` attribute. In the following example, a validation keys file is specified with an expiration date, after which the keys in the file are removed from use automatically:
+Alternatively, you can specify the `validationKeys` subelement to specify a particular validation keys file. You can also remove the validation keys in this file from use at a particular date and time with the optional `validUntilDate` attribute. In the following example, a validation keys file is specified with an expiration date after which the keys in the file are removed from use automatically:
 +
 [source,xml]
 ----