Hi, Rather than automatically creating JCR users for OpenID users, I would support (and call this mechanism) self-registration.
We can still use AX, SReg, and similar extensions to prefill user details (if available from the OpenID provider). But I would not create users automatically on the fly without user intervention and without adding prevention to automatically fill the user space. As such this issue sounds like a duplicate of SLING-1562. Regards Felix On 21.06.2010 15:36, Justin Edelson (JIRA) wrote: > Automatically create a User object for an OpenID identifier > ----------------------------------------------------------- > > Key: SLING-1563 > URL: https://issues.apache.org/jira/browse/SLING-1563 > Project: Sling > Issue Type: New Feature > Components: Extensions > Reporter: Justin Edelson > > > Similar to how CRX supports autocreating User accounts when a successful LDAP > authentication is done > (http://dev.day.com/docs/en/crx/current/administering/ldap_authentication.html#Auto > Creation), it would be nice if the OpenID authentication bundle could > support autocreate a user account under a certain set of circumstances. > > * This function should be *disabled* by default. > * Use AX (http://openid.net/specs/openid-attribute-exchange-1_0.html) to > request a set of user attributes from the identity provider and the > configurable mappings between these attributes and User node properties. > * Since OpenID doesn't support groups, a default set of one or more groups > needs to be specified for new users. > * A regex can be supplied for OpenID identifiers to limit which identifiers > will result in auto-generated User accounts > > I'm doubtful that this should be done in the openid auth bundle. An > alternative would be to create a whiteboard to look for implementations of > DYU's Listener interface. Newer DYU versions have AX support via a Listener > and I'm pretty sure the autocreation could be done in a Listener as well. >
