hi torgeir
the current implementation works as follows: the user's ID
is in fact stored in the jcr:uuid property in order to
have an efficient lookup upon Repository#login() such that
UserManager#getAuthorizable(String id) basically doesn't
require any kind of searching but as cheap as Session#getNodeByUUID().
in addition the jcr:uuid is the only property that has
a built-in mechanism to enforce uniqueness which is usually
also desired when it comes to users.
if you want to change the userID you'd have to change the
uuid of the node such that the lookup userId -> jcr:uuid
still works.
in the access control content (to be precise in the rep:ACE
nodes) the principal name is store. the user's ID doesn't
have any relevance here. similarly it's only the Principal
instances stored in the Subject that are used to enforce
the permissions. populating the subject is the responsibility
of the authentication process: either the subject is passed
to the repo login using the java AccessControlContext or a
new one is created and it is populated by the configured
LoginModule(s) upon successful completion (LoginModule#commit).
kind regards
angela
On 2/8/13 12:35 PM, Torgeir Veimo wrote:
Sorry I was a bit unclear. It's the username used for
repository.login() i need to change, so not the uuid. This is the
rep:principalName property?
Is the rep:principalName used verbatim in ACLs etc? or is the rep:User
nodes' uuid used?
On Fri, Feb 8, 2013 at 8:45 PM, Angela Schreiber<anch...@adobe.com> wrote:
hi torgeir
if you are referring to the userID: this can't be changed.
moving/renaming a user node will only change the node name
but the internal id used for the lookup (uuid) will not be
affected.
changing the principal name on the other hand would be a different
story and has nothing to do with the userId. the principal
name is the link to all the access control content for Principal
represented by the given user.
currently, the only way to change the userID while keeping
the other user data was to create a new user and copy over
the other information. the old user should be disabled.
regards
angela
On 2/8/13 10:39 AM, Torgeir Veimo wrote:
Is there a method to change the username of a jackrabbit managed user?
Or is it the right way to change the rep:principalName property, along
with renaming and moving the rep:User node?
--
-Tor
