We have an external identity management system which has to manage the lifecycle of users in CQ5 using Sling and REST.
We are able to create and delete users and groups with
Create
POST http://$host:$port/libs/cq/security/authorizables/POST
Content: rep:[email protected]&givenName=Example&familyName=Example&[email protected]&rep:password=random
Delete
POST http://$host:$port/home/users/e/[email protected]
Content: deleteAuthorizable=1
Our problem is that we did not find out how to rename a user (or a group).
How can we rename a user?
The only solution we found would be to
Although this solution could work it will most likely pose some performance problems (we have more than 70K users and more than 15K groups). If this is the only solution: how can we perform the first step (list all the memberships) efficiently via REST
Know that this doesn't provide a solution to your issue, but just to point out that renaming via REST seems to be a no-go. The docs seem to be fairly explicit on it:
The jackrabbit-usermanager bundle delivers a REST interface to create, update and delete users and groups in the JCR.
To update an existing user POST a request to /system/userManager/user/username.update.. You can NOT update the username or the password (see Change Password below) only the additional properties are updateable through this URL.
Though on the same page, it does seem that a query for a particular user should bring back their group membership:
$ curl http://localhost:8080/system/userManager/user/admin.tidy.1.json
{
"memberOf": [],
"declaredMemberOf": []
}
Not sure if CQ locks down access to user info in this way.