You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "Jeffrey Bornemann (JIRA)" <ji...@apache.org> on 2016/11/02 08:25:58 UTC

[jira] [Commented] (JCR-4050) Allow creation of users with existing password hashes

    [ https://issues.apache.org/jira/browse/JCR-4050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15628189#comment-15628189 ] 

Jeffrey Bornemann commented on JCR-4050:
----------------------------------------

Hey [~anchela]! Thanks for the good information! I appreciate the prompt reply!

Unfortunately, I don't think this approach will help us much in our circumstance for a few reasons.

- Part of our model for syncing nodes in an efficient fashion is to create a continuous binary stream of repository data based on a custom encoding we have built from Google's protocol buffers, as opposed to XML. Sending, or building XML from data would be a bit of an approach departure for this corner case. Really we have only had to wrangle a bit with rep:password; Other protected properties we get by just fine by using UserManager, and the like. 
  
- Our users work with Jackrabbit through AEM, which does not have an elegant way of working with workspace.xml (I believe there are limited configuration options, as exposed from Felix); even furthermore, it's not something we would want to ask our users to do as a prerequisite for synching authorizables. We would love to keep it as plug-n-play as possible.   

I feel my patch https://github.com/apache/jackrabbit/pull/45 offers limited risk, and technical encumbrance; but I certainly will understand if you feel the change is redundant. 

Thanks again for the reply!


>  Allow creation of users with existing password hashes
> ------------------------------------------------------
>
>                 Key: JCR-4050
>                 URL: https://issues.apache.org/jira/browse/JCR-4050
>             Project: Jackrabbit Content Repository
>          Issue Type: New Feature
>          Components: jackrabbit-api, jackrabbit-core, security
>            Reporter: Jeffrey Bornemann
>            Priority: Minor
>
> We utilize the UserManager API within Grabbit for syncing authorizable nodes between servers.
> Unfortunately, when it comes to syncing users, and specifically setting passwords from existing users; we have no public API facing way to create users with existing password hashes. We currently have to resort to using reflection, grabbing internal tree objects, and a bunch of nastiness that we would love to avoid with this change.
> Other consumers may also find this useful. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)