Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-2687

Introduce Dynamic Groups

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Later
    • None
    • None
    • core, jcr
    • None

    Description

      we may consider extending the jackrabbit user management API by the concept of dynamic groups that would have the following characteristics:

      • the group in the repository is just a marker
      • the group members are not stored with the group and are not revealed by regular membership operations such as 'getMembers', 'getDeclaredMembers', 'memberOf', 'declaredMemberOf'
      • the dynamic group membership is only evaluated upon authentication (e.g. in the principal provider implementation) based on implementation details both in the principal provider and the login module.

      one example to illustrate the concept of the dynamic groups is the 'Everyone' principal where every principal of the default principal management implementation is member of. for consistency, this group principal already requires special treatment in the user management implementation in case there exists an 'everyone' group (match by principal name only).

      Attachments

        Issue Links

          Activity

            People

              angela Angela Schreiber
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: