[
https://issues.apache.org/jira/browse/OAK-1363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13884830#comment-13884830
]
Tobias Bocanegra commented on OAK-1363:
---------------------------------------
added test:
{{org.apache.jackrabbit.oak.security.authentication.TokenDefaultLoginModuleTest#testTokenAuthInfo}}
> TokenLoginModule does not set userId on auth info
> -------------------------------------------------
>
> Key: OAK-1363
> URL: https://issues.apache.org/jira/browse/OAK-1363
> Project: Jackrabbit Oak
> Issue Type: Bug
> Reporter: Tobias Bocanegra
> Priority: Blocker
> Fix For: 0.16
>
>
> the token login module does not set the userid in the authinfo (because it
> does not know it). and the LoginModuleImpl does not overwrite the AuthInfo if
> it already exists.
> the consequence: {{Session.getUserID()}} returns {{NULL}} for logins that
> create a token.
> I think that the authinfos should be added even if they already exist. and
> all users of the public credentials need to be aware that authinfos can exist
> that are not complete.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
