You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2016/05/11 12:56:12 UTC
[jira] [Resolved] (OAK-4346) SyncMBeanImpl.syncExternalUsers
doesn't check for foreign IDP
[ https://issues.apache.org/jira/browse/OAK-4346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela resolved OAK-4346.
-------------------------
Resolution: Fixed
Fix Version/s: 1.5.2
> SyncMBeanImpl.syncExternalUsers doesn't check for foreign IDP
> -------------------------------------------------------------
>
> Key: OAK-4346
> URL: https://issues.apache.org/jira/browse/OAK-4346
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: auth-external
> Reporter: angela
> Fix For: 1.5.2
>
>
> in the light of OAK-4264 i found that {{SyncMBeanImpl.syncExternalUsers}} doesn't verify that the given external-ids belong to the same IDP that the bean has been created for.
> my expectation for the result-messages was an operation key {{for}} (FOREIGN) but instead the user might even be synchronized depending on the behavior of the IDP or result in {{nsi}} if the a given userID is (by coincidence) not known to the IDP.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)