Package org.silverpeas.core.jcr.impl.oak.security

The implementation of the JCR is provided by Apache Jackrabbit Oak. It expects, like any other JCR implementations, the users and the groups of users are managed within the JCR. But those are managed directly by Silverpeas itself. In the case they are managed externally, Oak expects a synchronization of them with the repository, and it is what we don't want here to avoid user management duplication, even for satisfying any specific authentication and authorization process. Nevertheless, custom authentication and authorization mechanisms can be plugged into Oak, but they have to be based upon JAAS and the security system of Silverpeas isn't built upon JAAS. So this package provides the components required by Oak to authenticate and to authorize a user but in bypassing all of this security mechanism in Oak.
Author:
mmoquillon