You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2015/10/13 02:20:05 UTC

[jira] [Created] (OAK-3508) External login module should reduce LDAP lookups for pre-authenticated users

Tobias Bocanegra created OAK-3508:
-------------------------------------

             Summary: External login module should reduce LDAP lookups for pre-authenticated users
                 Key: OAK-3508
                 URL: https://issues.apache.org/jira/browse/OAK-3508
             Project: Jackrabbit Oak
          Issue Type: Improvement
            Reporter: Tobias Bocanegra


consider the following JAAS setup:
- *sufficient* SSO Login Module
- *optional* Default Login Module
- *sufficient* External Login Module

This causes each login() to reach the external login module (which is desired) but causes an IDP lookup for each login, even if the user is already synced with the repository.

ideally the login module could pass the {{ExternalIdentityRef}} to the sync handler and to a tentative sync. the {{lastSyncTime}} should be respected in this case.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)