[
https://issues.apache.org/jira/browse/OAK-1710?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
angela updated OAK-1710:
------------------------
Component/s: (was: security)
core
> Extend authentication with intelligent loginid->userid mapping
> --------------------------------------------------------------
>
> Key: OAK-1710
> URL: https://issues.apache.org/jira/browse/OAK-1710
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core
> Reporter: Tobias Bocanegra
>
> use cases:
> * login with windows "DOMAIN\userid"
> * login with case insensitive userid
> * login with login id (e.g.) that is not equal to the user id
> * login with ldap DN
> the logical steps to resolve the users are:
> 1. select the correct IDP for the given credentials
> 2. find the user in the IDP based on the credentials
> 3. authenticate the user
> 4. find the oak-user via user manager
> 5. setup subject based on the oak-user
> 6. allow login modules to add more principals
> 7. set AuthInfo to correctly identify the userid that corresponds to the user
> that was logged in
> question:
> * different credentials for different use cases?
> * how much must each login module implement itself?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
