[OAK-2687] Introduce Dynamic Groups - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Later
Affects Version/s: None
Fix Version/s: None
Component/s: core, jcr
Labels:
None

Description

we may consider extending the jackrabbit user management API by the concept of dynamic groups that would have the following characteristics:

the group in the repository is just a marker
the group members are not stored with the group and are not revealed by regular membership operations such as 'getMembers', 'getDeclaredMembers', 'memberOf', 'declaredMemberOf'
the dynamic group membership is only evaluated upon authentication (e.g. in the principal provider implementation) based on implementation details both in the principal provider and the login module.

one example to illustrate the concept of the dynamic groups is the 'Everyone' principal where every principal of the default principal management implementation is member of. for consistency, this group principal already requires special treatment in the user management implementation in case there exists an 'everyone' group (match by principal name only).

Attachments

Issue Links

is related to

OAK-4101 Consider separate external (group) principal management

Closed

is superceded by

OAK-9462 Extensible DynamicMembershipProvider

Closed

relates to

OAK-4087 Replace Sync of configured AutoMembership by Dynamic Principal Generation

Closed

Activity

People

Assignee:: Angela Schreiber

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 26/Mar/15 11:21

Updated:: 14/Jun/22 12:20

Resolved:: 10/Nov/16 15:49