You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2017/03/07 16:36:38 UTC
[jira] [Resolved] (OAK-4462) LoginModuleImpl: option to have
AuthInfo populated with userId instead of loginName
[ https://issues.apache.org/jira/browse/OAK-4462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela resolved OAK-4462.
-------------------------
Resolution: Fixed
Fix Version/s: 1.8
1.7.0
Committed revision 1785855.
> LoginModuleImpl: option to have AuthInfo populated with userId instead of loginName
> -----------------------------------------------------------------------------------
>
> Key: OAK-4462
> URL: https://issues.apache.org/jira/browse/OAK-4462
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core
> Reporter: angela
> Assignee: angela
> Priority: Minor
> Fix For: 1.7.0, 1.8
>
>
> The current implementation of {{LoginModuleImpl}} _always_ populates the {{AuthInfo}} with the userId as extracted from the {{Credentials}} or the shared state; doing so will make {{Session.getUserID()}} expose the 'login-id', which may or may not correspond to the ID of the corresponding {{User}} as it is expected to exist with this login module implementation.
> While this clearly is a design decision with the {{LoginModuleImpl}} and perfectly in accordance with the API contract of {{Session.getUserID()}}, there might be cases, where equality of {{Session.getUserID()}} and {{User.getID()}} would be desirable.
> So, we may think about adding an option to the default authentication; be it with {{LoginModuleImpl}} and|or the {{UserAuthenticationFactory}}|{{UserAuthentication}}.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)