[
https://issues.apache.org/jira/browse/OAK-8802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Julian Reschke closed OAK-8802.
-------------------------------
> ExternalLoginModule.commit will fail if no principals can be resolved for
> externalUser
> --------------------------------------------------------------------------------------
>
> Key: OAK-8802
> URL: https://issues.apache.org/jira/browse/OAK-8802
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: auth-external, security
> Reporter: Angela Schreiber
> Assignee: Angela Schreiber
> Priority: Minor
> Fix For: 1.22.0
>
>
> while testing a potential patch for OAK-8710 i noticed that
> {{ExternalLoginModule.commit()}} will not succeed if
> {{AbstractLoginModule.getPrincipals}} returns an empty list. however,
> depending on the oak security setup there the principal lookup may not be
> able to resolve the given external ID while still being able to successfully
> login the given external user e.g. by means of login with a subject that has
> already been populated with the principals to be used.
> i would suggest to let {{ExternalLoginModule.commit()}} succeed as soon as
> the {{externalUser}} field was set during the first login phase. authinfo and
> subject can then be populated accordingly.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
