Author: angela
Date: Tue Feb 11 14:09:45 2014
New Revision: 1567140
URL: http://svn.apache.org/r1567140
Log:
OAK-516 : doc
Modified:
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/external_login_module.md
Modified:
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/external_login_module.md
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/external_login_module.md?rev=1567140&r1=1567139&r2=1567140&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/external_login_module.md
(original)
+++
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/external_login_module.md
Tue Feb 11 14:09:45 2014
@@ -110,7 +110,12 @@ that they are not copied to the local re
actual user synchronization. It has the disadvantage, that users won't be able
to login, if the 3rd party system is
offline.
-The alternative is to cache the passwords in the repository together with the
synced user. this has the advantage that the 3rd party system can be offline
and users will still be able to login. It has the disadvantage that password
are copied to the local system and stored with the users in a encrypted form.
this might be a security concern and might not comply with security policies.
Another disadvantage to this approach is that it only works for simple password
based credentials.
+The alternative is to cache the passwords in the repository together with the
synced user.
+this has the advantage that the 3rd party system can be offline and users will
+still be able to login. It has the following disadvantages:
+
+- password are copied to the local system and stored with the users in a
encrypted form. This might be a security concern and might not comply with
security policies.
+- it only works for simple password based credentials.
### Behavior of the External Login Module
