Bug 535603 - (RHQ-2281) LDAP case insensitive authentication may lead to unwanted users
LDAP case insensitive authentication may lead to unwanted users
Product: RHQ Project
Classification: Other
Component: Usability (Show other bugs)
All All
medium Severity medium (vote)
: ---
: ---
Assigned To: RHQ Project Maintainer
: FutureFeature, Improvement
Depends On:
  Show dependency treegraph
Reported: 2009-07-30 14:07 EDT by Jay Shaughnessy
Modified: 2011-05-13 14:53 EDT (History)
1 user (show)

See Also:
Fixed In Version: 2.4
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-05-13 14:53:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jay Shaughnessy 2009-07-30 14:07:00 EDT
LDAP authentication may be case insensitive whereas jon usernames are case sesnsitive.   So, a single LDAP username, say 'user1' may pass a login check for 'user1', 'User1', 'USER1', etc.  But, each of these variations will look like a different user to RHQ and each will ask to be registered separately upon successful LDAP authentication.

Perhaps for LDAP we should allow only one case-specific entry.  Meaning, if we invoke LDAP authentication, and it succeeds, check the RHQ db for the username in a case-insensitive way.  If there is a match, change the entered username to the existing entry and continue with the session.
Comment 1 Red Hat Bugzilla 2009-11-10 16:01:24 EST
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-2281
Comment 2 wes hayutin 2010-02-16 12:08:18 EST
mass add of key word FutureFeature to help track
Comment 3 Simeon Pinder 2010-11-02 13:41:26 EDT
This issue should be closed. Is a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=586435 which was already addressed/closed.
Comment 4 Simeon Pinder 2011-05-13 14:53:38 EDT
Closing as has already been addressed.

Note You need to log in before you can comment on or make changes to this bug.