Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-3508

External login module should reduce LDAP lookups for pre-authenticated users

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.22, 1.2, 1.4
    • Fix Version/s: 1.0.23, 1.2.16, 1.4
    • Component/s: auth-external
    • Labels:
      None

      Description

      consider the following JAAS setup:

      • sufficient SSO Login Module
      • optional Default Login Module
      • sufficient External Login Module

      This causes each login() to reach the external login module (which is desired) but causes an IDP lookup for each login, even if the user is already synced with the repository.

      ideally the login module could pass the ExternalIdentityRef to the sync handler and to a tentative sync. the lastSyncTime should be respected in this case.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tripod Tobias Bocanegra
                Reporter:
                tripod Tobias Bocanegra
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: