Hi, When looking at the login() code for OAK-634 I realized that there's a a lot of duplication between jackrabbit-core and oak-core in this area.
Would it make sense to split out the authentication code to something like jackrabbit-jcr-auth that could be used by both jackrabbit-core and oak-core. AFAICT there aren't too many places in the authentication code that require deep integration with the repository internals (unlike in authorization), so it should be possible to extract the relevant code to a separate component. Or am I mistaken? BR, Jukka Zitting