-
Improvement
-
Resolution: Fixed
-
Major
-
3.1 M1
-
None
Current implementation of JCR Authorization module forces you to duplicate users in JCR even if authentication source is external.
IMHO
- Authentication module should check for credentials (like it is now) in addition collect groups and roles together with details like user language, email etc..
- Authorization module can use above information to read access control list for this user
this will help us develope authentication modules for any data/directory source without having to duplicate users in JCR
Acceptance criteria