[
https://issues.apache.org/jira/browse/JCR-4050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15693929#comment-15693929
]
angela commented on JCR-4050:
-----------------------------
[~bornemannjs], i see your point. on the other hand, the creation of the
pw-hash should be consideren an implementation detail of a given user
management implementation and i don't see too much benefit of having such an
API call without the ability to generate the hash. in other words: a caller of
that API would only be able to create a pw-hash by relying on implementation
details, which IMO is looking for troubles.
but since you are mentioning AEM Package Manager: is this related to Jackrabbit
FileVault project? afaik that project within the Jackrabbit family provides
means to package and install repository content including users. If that was
anyhow related, I would recommend to provide patches there if you find room for
improvement in terms of performance and scalability.
> Allow creation of users with existing password hashes in UserManager
> ---------------------------------------------------------------------
>
> Key: JCR-4050
> URL: https://issues.apache.org/jira/browse/JCR-4050
> Project: Jackrabbit Content Repository
> Issue Type: New Feature
> Components: jackrabbit-api, jackrabbit-core, security
> Reporter: Jeffrey Bornemann
> Priority: Minor
>
> We utilize the UserManager API within Grabbit for syncing authorizable nodes
> between servers.
> Unfortunately, when it comes to syncing users, and specifically setting
> passwords from existing users; we have no public API facing way to create
> users with existing password hashes. We currently have to resort to using
> reflection, grabbing internal tree objects, and a bunch of nastiness that we
> would love to avoid with this change.
> Other consumers may also find this useful.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
