Bug 1309566
Summary: | Username is untrimmed with all leading and trailing white space | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | XiaochuanWang <xiaocwan> |
Component: | apiserver-auth | Assignee: | Jordan Liggitt <jliggitt> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | weiwei jiang <wjiang> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | unspecified | CC: | aos-bugs, wsun |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-05-12 17:09:29 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
XiaochuanWang
2016-02-18 07:05:27 UTC
The current behavior is actually more correct in the general case... OpenShift should not make assumptions about what the identity provider considers significant in its usernames. The AllowAllPasswordIdentityProvider is likely to be the only identity provider this is an issue for. - HTPasswd requires an exact match between the entered username and the user - LDAP reads the preferred username from an LDAP attribute, which normalizes it - BasicAuth reads the preferred username from the remote response, which normalizes it - RequestHeader reads the username from a request header, not what the user entered This is not reproduced on devenv-rhel7_3500 Login with white space in user name as the trimmed user, there is only one user and user id is unique. oc v1.1.3-170-g14b50fd kubernetes v1.2.0-alpha.7-703-gbc4550d |