Hi You probably want to implement an AuthenticationHandler service. You might want to look at the OpenID authentication handler [1]. This handler leverages OpenID to validate the identity of the user and creates the user on-demand linking the user to the OpenID identity.
Another approache, that we have taken in our commercial product is to implement a JAAS LoginModule for the Jackrabbit to sync the user detail information with the LDAP server. The advantage of this implementation is that the authentication is transparent to the consumer of the JCR Repository.login method. But it is somewhat more involved to implement and configure. Hope this helps. Regards Felix [1] http://svn.apache.org/repos/asf/sling/trunk/bundles/auth/openid/ Am 05.11.2013 um 12:02 schrieb Bernd Winterstein <[email protected]>: > Hi > In my sling application I would like to authenticate against an external > system. Scenario is as following: > > 1. The credentials are validated via sling basic/form login against the > external system. (LDAP, Database, whatever) > 2. If the external system grants access and the jcr user is not existing, > autocreate the user with group memberships according to the information > provided by the external system. > > I read the sling documentation about the authentication framework, but I'm > still confused. Where can I plug in the authentication and user creation? > > Regards, > > Bernd
