jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: change username
Date Fri, 08 Feb 2013 13:46:23 GMT
hi torgeir

the current implementation works as follows: the user's ID
is in fact stored in the jcr:uuid property in order to
have an efficient lookup upon Repository#login() such that
UserManager#getAuthorizable(String id) basically doesn't
require any kind of searching but as cheap as Session#getNodeByUUID().
in addition the jcr:uuid is the only property that has
a built-in mechanism to enforce uniqueness which is usually
also desired when it comes to users.

if you want to change the userID you'd have to change the
uuid of the node such that the lookup userId -> jcr:uuid
still works.

in the access control content (to be precise in the rep:ACE
nodes) the principal name is store. the user's ID doesn't
have any relevance here. similarly it's only the Principal
instances stored in the Subject that are used to enforce
the permissions. populating the subject is the responsibility
of the authentication process: either the subject is passed
to the repo login using the java AccessControlContext or a
new one is created and it is populated by the configured
LoginModule(s) upon successful completion (LoginModule#commit).

kind regards
angela

On 2/8/13 12:35 PM, Torgeir Veimo wrote:
> Sorry I was a bit unclear. It's the username used for
> repository.login() i need to change, so not the uuid. This is the
> rep:principalName property?
>
> Is the rep:principalName used verbatim in ACLs etc? or is the rep:User
> nodes' uuid used?
>
> On Fri, Feb 8, 2013 at 8:45 PM, Angela Schreiber<anchela@adobe.com>  wrote:
>> hi torgeir
>>
>> if you are referring to the userID: this can't be changed.
>> moving/renaming a user node will only change the node name
>> but the internal id used for the lookup (uuid) will not be
>> affected.
>>
>> changing the principal name on the other hand would be a different
>> story and has nothing to do with the userId. the principal
>> name is the link to all the access control content for Principal
>> represented by the given user.
>>
>> currently, the only way to change the userID while keeping
>> the other user data was to create a new user and copy over
>> the other information. the old user should be disabled.
>>
>> regards
>> angela
>>
>>
>> On 2/8/13 10:39 AM, Torgeir Veimo wrote:
>>>
>>> Is there a method to change the username of a jackrabbit managed user?
>>>
>>> Or is it the right way to change the rep:principalName property, along
>>> with renaming and moving the rep:User node?
>>>
>>
>
>
>
> --
> -Tor

Mime
View raw message