jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Angela Schreiber (Jira)" <j...@apache.org>
Subject [jira] [Updated] (OAK-8802) ExternalLoginModule.commit will fail if no principals can be resolved for externalUser
Date Tue, 03 Dec 2019 07:44:00 GMT

     [ https://issues.apache.org/jira/browse/OAK-8802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Angela Schreiber updated OAK-8802:
----------------------------------
    Priority: Minor  (was: Major)

> ExternalLoginModule.commit will fail if no principals can be resolved for externalUser
> --------------------------------------------------------------------------------------
>
>                 Key: OAK-8802
>                 URL: https://issues.apache.org/jira/browse/OAK-8802
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: auth-external, security
>            Reporter: Angela Schreiber
>            Assignee: Angela Schreiber
>            Priority: Minor
>             Fix For: 1.22.0
>
>
> while testing a potential patch for OAK-8710 i noticed that {{ExternalLoginModule.commit()}}
will not succeed if {{AbstractLoginModule.getPrincipals}} returns an empty list. however,
depending on the oak security setup there the principal lookup may not be able to resolve
the given external ID while still being able to successfully login the given external user
e.g. by means of login with a subject that has already been populated with the principals
to be used.
> i would suggest to let {{ExternalLoginModule.commit()}} succeed as soon as the {{externalUser}}
field was set during the first login phase. authinfo and subject can then be populated accordingly.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message