[
https://issues.apache.org/jira/browse/OAK-12079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18055268#comment-18055268
]
Angela Schreiber commented on OAK-12079:
----------------------------------------
[~nscendoni] , [~amoratinos] , i have been looking at this again and trying to
assess how big the risk of making this changes would be.
that's when i had another idea: would it be an option to make a distinction
between depth=0 and depth=-1, where depth 0 would be processed but -1 would
indicate skipping the membership sync?
this is a breaking change for the default-sync-handler but would allow to keep
the cleanup if someone changes from a value > 0 to value = 0 in the dynamic
sync.
wdyt?
> user.membershipNestingDepth=0 not respected for dynamic membership during
> external user sync
> --------------------------------------------------------------------------------------------
>
> Key: OAK-12079
> URL: https://issues.apache.org/jira/browse/OAK-12079
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: auth-external
> Reporter: Nicola Scendoni
> Priority: Major
>
> When setting user.membershipNestingDepth to 0, external group membership are
> removed when the user is sync.
> h3. *Expected Result*
> * With user.membershipNestingDepth=0, no external group memberships should
> be resolved or modified.
> * Existing external group memberships should remain untouched.
> * Effectively, group synchronization should be disabled.
> h3. *Actual Result*
> * During user synchronization, external group memberships are removed from
> the user.
> * Dynamic membership processing still affects the user despite
> user.membershipNestingDepth being set to 0.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
