anchela commented on PR #46:
URL:
https://github.com/apache/sling-org-apache-sling-jcr-repoinit/pull/46#issuecomment-1781160528
hi @jsedding , creating a somewhat reasonable security setup should be too
complicated. you could e.g. use the default created by
{{SecurityProviderBuilder}} (an not calling with with null values) and the
benefit from the test-helper class {{SecurityProviderHelper}} to inject the
additional configuration.
that's probably easier than writing your own validator. what i meant about
the best practices: i would add a comment to the test class mentioning that
manually creating the rep:externalId is making assumptions about implementation
details that may change. so, just add a word of caution :-)
the sync-mechanims defined in oak-auth-external comes with API to sync
users/groups outside of the regular login flow.... that's just not supported by
all IDP implementations.... so an attempt to manually sync users/groups is
probably the result of an imcomplete IDP implementation. so addressing that
would likely be the better option (and avoid the issue about impl-details).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
