Return-Path: <oak-issues-return-50887-archive-asf-public=cust-asf.ponee.io@jackrabbit.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id D2F85200CAA
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri,  2 Jun 2017 11:35:10 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id D2378160BD1; Fri,  2 Jun 2017 09:35:10 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 24828160BD2
	for <archive-asf-public@cust-asf.ponee.io>; Fri,  2 Jun 2017 11:35:09 +0200 (CEST)
Received: (qmail 96361 invoked by uid 500); 2 Jun 2017 09:35:09 -0000
Mailing-List: contact oak-issues-help@jackrabbit.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:oak-issues-help@jackrabbit.apache.org>
List-Unsubscribe: <mailto:oak-issues-unsubscribe@jackrabbit.apache.org>
List-Post: <mailto:oak-issues@jackrabbit.apache.org>
List-Id: <oak-issues.jackrabbit.apache.org>
Reply-To: oak-dev@jackrabbit.apache.org
Delivered-To: mailing list oak-issues@jackrabbit.apache.org
Received: (qmail 96279 invoked by uid 99); 2 Jun 2017 09:35:08 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Jun 2017 09:35:08 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 80B4A1810D5
	for <oak-issues@jackrabbit.apache.org>; Fri,  2 Jun 2017 09:35:07 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -99.202
X-Spam-Level: 
X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001,
	SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id EmB7-T36NFX6 for <oak-issues@jackrabbit.apache.org>;
	Fri,  2 Jun 2017 09:35:06 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 1DC515FDEE
	for <oak-issues@jackrabbit.apache.org>; Fri,  2 Jun 2017 09:35:06 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 59784E0237
	for <oak-issues@jackrabbit.apache.org>; Fri,  2 Jun 2017 09:35:05 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 4D7FE21D62
	for <oak-issues@jackrabbit.apache.org>; Fri,  2 Jun 2017 09:35:04 +0000 (UTC)
Date: Fri, 2 Jun 2017 09:35:04 +0000 (UTC)
From: "Robert Munteanu (JIRA)" <jira@apache.org>
To: oak-issues@jackrabbit.apache.org
Message-ID: <JIRA.13067692.1493387101000.350140.1496396104315@Atlassian.JIRA>
In-Reply-To: <JIRA.13067692.1493387101000@Atlassian.JIRA>
References: <JIRA.13067692.1493387101000@Atlassian.JIRA> <JIRA.13067692.1493387101748@jira-lw-us.apache.org>
Subject: [jira] [Commented] (OAK-6144) ExternalIdentity should have a method
 indicating if an identity is actually active
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Fri, 02 Jun 2017 09:35:11 -0000


    [ https://issues.apache.org/jira/browse/OAK-6144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16034387#comment-16034387 ] 

Robert Munteanu commented on OAK-6144:
--------------------------------------

[~baedke] - good news, glad to hear that it works

> ExternalIdentity should have a method indicating if an identity is actually active
> ----------------------------------------------------------------------------------
>
>                 Key: OAK-6144
>                 URL: https://issues.apache.org/jira/browse/OAK-6144
>             Project: Jackrabbit Oak
>          Issue Type: New Feature
>          Components: auth-external
>            Reporter: Manfred Baedke
>            Assignee: Manfred Baedke
>         Attachments: oak-6144-1.patch
>
>
> The interface ExternalIdentityProvider currently offers the method getIdentity(ExternalIdentityRef) to resolve a reference to an external Identity, but there is no way to tell if the external identity is considered active by the identity provider. The ability to resolve the reference doesn't mean that the resulting identity may actually be used for authentication or authorization.
> If ExternaIIdentity isn't able to express this difference, it's hard to come up with a sensible implemenation of e.g. SynchronizationMBean#purgeOrphanedUsers(), because the ability to resolve a reference to an external identity doesn't mean that the corresponding Oak user is still valid.
> A new method ExternalIdentiy#isActive() would allow us to clearly define the notion of an "orphaned user".



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)