You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2013/07/19 11:14:48 UTC
[jira] [Commented] (OAK-791) UserManagement: Document changes wrt
Jackrabbit 2
[ https://issues.apache.org/jira/browse/OAK-791?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13713475#comment-13713475 ]
angela commented on OAK-791:
----------------------------
1) Characteristics of the Default Implementation
-------------------------------------------------------------------------
The default user management implementation present with OAK always stores user/group information in the workspace associated with the editing Session (see jr2 UserPerWorkspaceUserManager). The implementation of a user mgt variant corresponding to Jackrabbit's default
UserManagerImpl is blocked by missing workspace handling (see OAK-118).
The current user manager has the following characteristics that differ from the corresponding Jackrabbit implementation:
a) General
- Changes made to the user management API are always transient and require Session#save() to be persisted.
- In case of a failure Session#refresh is no longer called in order to prevent reverting other changes unrelated to the user mgt operation. Consequently it's the responsibility of the API consumer to specifically revert pending or invalid transient modifications.
- The implementation is no longer built on top of the JCR API but instead directly acts on Tree and PropertyState defined by the OAK API. This move allows to make use of the user management API within the OAK layer (aka SPI).
b) User/Group creation
- The rep:password property is no longer defined to be mandatory. Therefore a new user might be created without specifying a password. Note however, that User#changePassword does not allow to remove the password property.
- UserManager#createGroup(Principal) will no longer generate a groupID in case the principal name collides with an existing user or group ID. This has been considered redundant as the Jackrabbit API in the mean time added UserManager#createGroup(String groupID).
- Since OAK is designed to scale with flat hierarchies the former configuration options 'autoExpandTree' and 'autoExpandSize' are no longer supported.
c) Handling of the Authorizable ID
- As of OAK the node type definition of rep:Authorizable defines a new property rep:authorizableId which is intended to store the ID of a user or group.
- The default implementation comes with a dedicated property index for rep:authorizableId which asserts the uniqueness of that ID.
- Authorizable#getID returns the string value contained in rep:authorizableID and for backwards compatibility falls back on the node name in case the ID property is missing.
- The name of the authorizable node is generated based on a configurable implementation of the 'AuthorizableNodeName' interface (see configuration section below). By default it uses the ID as name hint and includes a conversion to a valid JCR node name.
> UserManagement: Document changes wrt Jackrabbit 2
> -------------------------------------------------
>
> Key: OAK-791
> URL: https://issues.apache.org/jira/browse/OAK-791
> Project: Jackrabbit Oak
> Issue Type: Sub-task
> Components: jcr
> Reporter: angela
> Assignee: angela
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira