Diffstat (limited to 'qpid/doc/book/src/java-broker/Java-Broker-Security-Group-Providers.xml')
-rw-r--r-- qpid/doc/book/src/java-broker/Java-Broker-Security-Group-Providers.xml 56
1 files changed, 31 insertions, 25 deletions
diff --git a/qpid/doc/book/src/java-broker/Java-Broker-Security-Group-Providers.xml b/qpid/doc/book/src/java-broker/Java-Broker-Security-Group-Providers.xml
index eaecd85770..34ea443ef7 100644
--- a/qpid/doc/book/src/java-broker/Java-Broker-Security-Group-Providers.xml
+++ b/qpid/doc/book/src/java-broker/Java-Broker-Security-Group-Providers.xml
@@ -22,39 +22,45 @@
-->
<section id="Java-Broker-Security-Group-Providers">
- <title>Configuring Group Providers</title>
+ <title>Group Providers</title>
<para>
- The Java broker utilises GroupProviders to allow assigning users to groups for use in <link linkend="Java-Broker-Security-ACLs">ACLs</link>. Following authentication by a given <link linkend="Java-Broker-Security-Authentication-Providers">Authentication Provider</link>, the configured Group Providers are consulted to allowing assignment of GroupPrincipals for a given authenticated user.
+ The Java broker utilises GroupProviders to allow assigning users to groups for use in <link linkend="Java-Broker-Security-ACLs">ACLs</link>.
+ Following authentication by a given <link linkend="Java-Broker-Security-Authentication-Providers">Authentication Provider</link>,
+ the configured Group Providers are consulted allowing the assignment of GroupPrincipals for a given authenticated user. Any number of
+ Group Providers can be added into the Broker. All of them will be checked for the presence of the groups for a given authenticated user.
</para>
-
+ <para>The <emphasis>Group Provider</emphasis> can be configured using <link linkend="Java-Broker-Configuring-And-Managing-REST-API">
+ REST Management interfaces</link> and <link linkend="Java-Broker-Configuring-And-Managing-Web-Console">Web Management Console</link>.</para>
+ <para>The following <emphasis>Group Provider</emphasis> managing operations are available from Web Management Console:
+ <itemizedlist>
+ <listitem><para>A new Group Provider can be added by clicking onto "Add Group Provider" button on a Broker tab.</para></listitem>
+ <listitem><para>An existing providers can be removed by pressing "Delete Group Provider" button
+ on Broker tab or Group Provider tab.</para></listitem>
+ <listitem><para>On clicking onto provider name in the Group Providers grid or Broker object tree,
+ the tab for the Group Provider is displayed.</para></listitem>
+ <listitem><para>A new group can be added into the Group Provider by clicking onto "Add Group" button on provider tab.</para></listitem>
+ <listitem><para>An existing group can be deleted from the Group Provider by clicking onto "Delete Group" button on provider tab.</para></listitem>
+ <listitem><para>On clicking onto group name in the groups grid, the tab with the list of existing
+ group members is displayed for the Group.</para></listitem>
+ <listitem><para>From the Group tab a new member can be added into a group or existing members can be deleted
+ from a group by clicking on "Add Group Member" or "Remove Group Members" accordingly.</para></listitem>
+ </itemizedlist>
+ </para>
<section role="h3" id="File-Group-Manager">
- <title>FileGroupManager</title>
- <para>
- The FileGroupManager allows specifying group membership in a flat file on disk, and is also exposed for inspection and update through the brokers HTTP management interface.
- </para>
+ <title>GroupFile Provider</title>
<para>
- To enable the FileGroupManager, add the following configuration to the config.xml, adjusting the groupFile attribute value to match your desired groups file location.
+ The <emphasis>GroupFile</emphasis> Provider allows specifying group membership in a flat file on disk.
+ On adding a new GroupFile Provider the path to the groups file is required to be specified.
+ If file does not exist an empty file is created automatically. On deletion of GroupFile Provider
+ the groups file is deleted as well. Only one instance of "GroupFile" Provider per groups file location can be created.
+ On attempt to create another GroupFile Provider pointing to the same location the error will be displayed and
+ the creation will be aborted.
</para>
- <programlisting><![CDATA[
- ...
- <security>
- <file-group-manager>
- <attributes>
- <attribute>
- <name>groupFile</name>
- <value>${conf}/groups</value>
- </attribute>
- </attributes>
- </file-group-manager>
- </security>]]>
- ...
-</programlisting>
-
- <section role="h4" id="File-Group-Manager-FileFormat">
+ <section role="h4" id="File-Group-Manager-FileFormat">
<title>File Format</title>
- <para>
+ <para>
The groups file has the following format:
</para>
<programlisting>
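Review bot: In the new GroupFile Provider paragraph, the sentence "On deletion of GroupFile Provider the groups file is deleted as well" should also state the consequence for access control. The first paragraph says these groups are used in ACLs, so removing a provider silently discards the membership data those rules depend on. Please add a sentence saying how ACL rules that reference the deleted groups behave afterwards, and recommend backing up the groups file before deleting the provider. Since the file is now "created automatically" when missing, it would also help to document what permissions the created file gets and who needs write access to it. In the first paragraph, "All of them will be checked for the presence of the groups" does not say how results from several providers are combined; if the user receives the union of the groups from every provider, say so explicitly. Minor: in the itemizedlist, "An existing providers can be removed" should read "An existing provider can be removed".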