Description
while playing around with overall group principal resolution during the repository login, I thought that having a principal provider that knows about the details of the user management implementation may might be a slight improvement compared to the generic default implementation as present in org.apache.jackrabbit.oak.security.principal.PrincipalProviderImpl, which just acts on the UserManager interface and thus always creates intermediate Authorizable objects.
in order to be able to get there (without having the default principal mgt implementation rely on implementation details of the user mgt module), we would need an addition to the UserConfiguration that allows to optionally obtain a PrincipalProvider; the fallback in the default PrincipalConfiguration in case the user configuration does not expose a specific principal provider would be the current (generic) solution.
Attachments
Attachments
Issue Links
- is required by
-
OAK-3003 Improve login performance with huge group membership
- Closed