On Tue, Mar 9, 2010 at 8:30 PM, D. Stuart Freeman <[email protected]> wrote: > I've got an AuthenticationHandler and I'd like to allow users to log in > without doing any further registration. My understanding is that my > AuthenticationPlugin will have to create accounts in JCR for users if > they don't exist already.
That is not necessarily true. If you have a custom LoginModulePlugin [1], you can lookup user data from anywhere - it doesn't have to be from JCR. The LoginModulePlugin then instantiates your custom AuthenticationPlugins on LoginModulePlugin.getAuthentication(). > Will it work (and is it advisable) to do > something like: > > userManager.createUser(name, RandomStringUtils.random(32), principal); > > or am I completely misunderstanding something? I'd say, if you already have your user data somewhere else (like an external database or LDAP directory), don't replicate that data in Jackrabbit's UserManager. In fact, don't use UserManager at all (except, perhaps, for the pre-defined admin and anonymous users). Instead, implement a LoginModulePlugin to use your external source. [1] http://sling.apache.org/apidocs/sling5/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.html -- Vidar S. Ramdal <[email protected]> - http://www.idium.no Sommerrogata 13-15, N-0255 Oslo, Norway + 47 22 00 84 00 / +47 21 531941, ext 2070
