Bug 1469589 - Auth External Auth SAML - Users with custom groups with special chars can't log in. [NEEDINFO]
Auth External Auth SAML - Users with custom groups with special chars can't l...
Status: NEW
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance (Show other bugs)
5.8.0
Unspecified Unspecified
medium Severity medium
: GA
: cfme-future
Assigned To: Joe Vlcek
Matt Pusateri
auth:externalauth:saml
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-11 10:17 EDT by Matt Pusateri
Modified: 2017-11-06 16:04 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
jvlcek: needinfo? (mpusater)


Attachments (Terms of Use)
audit log (15.41 KB, text/plain)
2017-07-11 10:25 EDT, Matt Pusateri
no flags Details
evm log (12.69 MB, text/plain)
2017-07-11 10:25 EDT, Matt Pusateri
no flags Details

  None (edit)
Description Matt Pusateri 2017-07-11 10:17:04 EDT
Description of problem:
Auth External Auth SAML - User with custom group with special characters can't log in. -  User with SR-APP-EPM-Membre-équipe Group get's "Authentication failed for userid test-user3, unable to match user's group membership to an EVM role" error message.

Version-Release number of selected component (if applicable):
5.8.1.0 (probably 5.7.3.0 as well)

How reproducible:


Steps to Reproduce:
1. Configure appliance to use SAML
2. Create user who has a custom group like "SR-APP-EPM-Membre-équipe"
3. Add custom group to cfme and assign role.
4. log in with user.

Actual results:
Login fails with unable to match user's group membershipt to a EVM role

Expected results:
User should be able to log in. 

Additional info:
Comment 2 Matt Pusateri 2017-07-11 10:25 EDT
Created attachment 1296266 [details]
audit log
Comment 3 Matt Pusateri 2017-07-11 10:25 EDT
Created attachment 1296267 [details]
evm log
Comment 4 Joe Vlcek 2017-11-06 16:04:24 EST
Matt, Is this still happening? If so it is restricted to only SAML or all External Auth?

Thanks, JoeV

Note You need to log in before you can comment on or make changes to this bug.