Is there a way to authenticate users against my own datasource, but not have JBP synchronize the users/roles to itself?
JBP seems to be tightly coupled with Hibernate so that it can synchronize/retrieve user info from a database managed by JBP.
But for security purposes though, I do not want JBP to synchronize this kind of data. Instead, I have my own code module and would like it to supply this data to JBP whenever it is needed. So I only want user/role data stored in one location that can only be accessed from my code module.
Is this possible? I'm using JBP 2.6.2. Thanks!
Its happening in DelegatingUserProfileModule which you can remove from the config. You also need to update the mappings in profile-config.xml. The problem is that LDAP doesn't provide attributes for all the properties that portal stores for user. You can handle it in your own implementation.