Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-3508

External login module should reduce LDAP lookups for pre-authenticated users

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.0.22, 1.2, 1.4
    • 1.0.23, 1.2.16, 1.4
    • auth-external
    • None

    Description

      consider the following JAAS setup:

      • sufficient SSO Login Module
      • optional Default Login Module
      • sufficient External Login Module

      This causes each login() to reach the external login module (which is desired) but causes an IDP lookup for each login, even if the user is already synced with the repository.

      ideally the login module could pass the ExternalIdentityRef to the sync handler and to a tentative sync. the lastSyncTime should be respected in this case.

      Attachments

        Issue Links

          is required by

          Task - A task that needs to be done. OAK-4417 Missing LoginModule Test and Documentation for OAK-3508

          • Major - Major loss of function.
          • Closed

          Activity

            People

              tripod Tobias Bocanegra
              tripod Tobias Bocanegra
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: