[ https://issues.apache.org/jira/browse/OAK-6144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16029463#comment-16029463 ]
Manfred Baedke commented on OAK-6144: ------------------------------------- [~tripod], bq. LGTM, but I think you need to increase the package version to 2.3.1 I tried that, but after adding the @ProviderType annotation to ExternalIdentity the baseline plugin still fails. Can you explain? > ExternalIdentity should have a method indicating if an identity is actually > active > ---------------------------------------------------------------------------------- > > Key: OAK-6144 > URL: https://issues.apache.org/jira/browse/OAK-6144 > Project: Jackrabbit Oak > Issue Type: New Feature > Components: auth-external > Reporter: Manfred Baedke > Assignee: Manfred Baedke > Attachments: oak-6144-1.patch > > > The interface ExternalIdentityProvider currently offers the method > getIdentity(ExternalIdentityRef) to resolve a reference to an external > Identity, but there is no way to tell if the external identity is considered > active by the identity provider. The ability to resolve the reference doesn't > mean that the resulting identity may actually be used for authentication or > authorization. > If ExternaIIdentity isn't able to express this difference, it's hard to come > up with a sensible implemenation of e.g. > SynchronizationMBean#purgeOrphanedUsers(), because the ability to resolve a > reference to an external identity doesn't mean that the corresponding Oak > user is still valid. > A new method ExternalIdentiy#isActive() would allow us to clearly define the > notion of an "orphaned user". -- This message was sent by Atlassian JIRA (v6.3.15#6346)