I understand that UserManager related work is currently in progress and hence might not be stable. However to continue my work around usage of Oak in Sling I had to do some temporary workaround. Below are the details of the changes done in current implementation
1. Creation of default system users - In JR2 the system users are created by repository itself as part of o.a.j.core.DefaultSecurityManager#createSystemUsers. I was not able to find any such support in current implementation. So I had to create admin user from outside. I am doing it in the bundle which registers the repository with OSGi 2. Constraints on path under which users and groups are created - Current logic (o.a.j.oak.security.user.UserValidator) restricts the user creation under /rep:security/rep:authorizables/rep:users path only. This path is possibly configurable as part of UserManagerConfig but currently its not possible to specify them. Due to this I am not able to import platform content packages which has user's under /home/users path. As a workaround I would try to modify the constants in o.a.j.oak.spi.security.user.UserConstants Any better way for the same? 3. Issues in current user creation logic - I had to do some changes in user creation logic in UserProviderImpl - o.a.j.oak.security.user.UserProviderImpl#isAuthorizableTree - Should check for tree being null - o.a.j.oak.security.user.UserProviderImpl#createFolderNodes - The root.getTree("") should use root.getTree("/"). - o.a.j.oak.spi.security.user.UserConstants - User and Group paths have to start with '/' Given its a wip I have not created issues for them. Let me know if issues should be created for them. Chetan Mehrotra