You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-dev@jackrabbit.apache.org by Alexander Klimetschek <ak...@adobe.com> on 2016/01/20 23:55:34 UTC
TokenLoginModule ignores shared key javax.security.auth.login.name
Hi,
I came across an issue with the Token mechanism that ties it too much to SimpleCredentials (aka username/password) for the initial create-token login. In case of different credentials and the ExternalLoginModule + external identity provider this currently makes it impossible to use in one go, since it does not take a different user id into account that can be present in the standard shared key "javax.security.auth.login.name".
Details & patch including unit test at https://issues.apache.org/jira/browse/OAK-3899
Cheers,
Alex