I have made a custom login plugin, where for the time being I am testing user creation in the handleRetrieveIdentity() method of the Authenticator.

I am currently doing the following to save a user.

UserManager userManager = Framework.getService(UserManager.class);
NuxeoPrincipal principal = userManager.getPrincipal(user.getEmail());
if (principal == null) {
    logger.debug("principal was null. creating a new user for email id {}",user.getEmail());
    DocumentModel userDocModel = userManager.getBareUserModel();
    userDocModel.setProperty("user", "username", user.getEmail());
    userDocModel.setProperty("user", "email", user.getEmail());
    userDocModel.setProperty("user", "password", "fakepassword" + new Random().nextInt());
    //userDocModel.setProperty("user", "groups", groups);
    userManager.createUser(userDocModel);
}

But this is not saving the user in the mongo collection userDirectory where the other predefined users reside. What could I be doing wrong here?

Edit:

I debugged the code and saw that the error was at createUser(userDocModel) call. To create a user the MongoDbSession's inherited method createEntry() checks for permission with the call checkPermission(SecurityConstants.WRITE);, which goes to this piece of code.

public void checkPermission(String permission) {    
    if (hasPermission(permission)) {       
         return;    
    }    
    if (permission.equals(SecurityConstants.WRITE) && isReadOnly()) { 
           throw new DirectorySecurityException("Directory is read-only");    
    } else {        
        NuxeoPrincipal user = ClientLoginModule.getCurrentPrincipal();    
            throw new DirectorySecurityException("User " + user + " does not    have " + permission + " permission");    
}

In my case, the control goes to the line NuxeoPrincipal user = ClientLoginModule.getCurrentPrincipal(); which returns null and then exception is thrown. Thus, since the null user is denied to create any user entry. So, now I know the problem, but how do I fix it. Since I am trying to login, I wont have any user logged-in in the first place. Any help is highly appreciated.