Description of problem: When user log in to UserPortal(or UserLevelAPI) then user_name of this user is changed to it's previous name without domain.(user@domain => user) Version-Release number of selected component (if applicable): 3.1.0-38.el6ev How reproducible: always Steps to Reproduce: 1. Add user. 2. Give user login permissions. 3. Login as user. Actual results: User_name is changed after login. Expected results: User_name shouldn't be changed. Additional info: 2013-01-07 14:15:21,314 INFO [org.ovirt.engine.core.bll.RemoveUserCommand] (pool-4-thread-47) [581200e8] Running command: RemoveUserCommand internal: false. Entities affected : ID: aaa00000-0000-0000-0000-123456789aaa Type: System 2013-01-07 14:15:37,955 INFO [org.ovirt.engine.core.bll.AddUserCommand] (pool-4-thread-47) [494bb769] Running command: AddUserCommand internal: false. Entities affected : ID: aaa00000-0000-0000-0000-123456789aaa Type: System 2013-01-07 14:16:01,675 INFO [org.ovirt.engine.core.bll.AddPermissionCommand] (pool-4-thread-47) [205b515a] Running command: AddPermissionCommand internal: false. Entities affected : ID: 5f88fda2-5d86-4010-a704-7fbcc3cf4137 Type: Storage 2013-01-07 14:16:20,653 INFO [org.ovirt.engine.core.bll.LoginUserCommand] (ajp-/127.0.0.1:8702-18) [39109076] Checking if user portaluser2 is an admin, result false 2013-01-07 14:16:20,654 INFO [org.ovirt.engine.core.bll.LoginUserCommand] (ajp-/127.0.0.1:8702-18) [39109076] Running command: LoginUserCommand internal: false. [BEFORE login] <user> <name>portaluser2</name> <link .../> <domain .../> <user_name>portaluser2.eng.brq.redhat.com</user_name> </user> [AFTER login] <user> <name>portaluser2</name> <link .../> <domain .../> <user_name>portaluser2</user_name> </user>
link : http://gerrit.ovirt.org/#/c/10869/ change id : I072f9aa8dc706533682b53d8b5a56e9b2dc09b82
http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=commit;h=bfb32d58dfada193d3dd58382f38ede37a6f3e6a
Created attachment 693596 [details] Backport upstream patch to RHEV 3.1
One thing to note is that my backported patch (and presumably the upstream patch) will cause the case of the domain portion of the username to change to lower case -- i.e. rhevadmin becomes rhevadmin. The use of upper case seems to be fairly traditional with Kerberos realms and Active Directory domains, so it seems like it might be a good idea to upper-case the domain (and possibly even "fix" any usernames that have somehow been lower-cased). For example: private String getFullUserName(AdUser adUser) { String userName = adUser.getUserName(); int i = userName.indexOf('@'); if (i >= 0) { userName = userName.substring(0, i); } return userName + "@" + adUser.getDomainControler().toUpperCase(); }
(In reply to comment #5) > One thing to note is that my backported patch (and presumably the upstream > patch) will cause the case of the domain portion of the username to change > to lower case -- i.e. rhevadmin becomes rhevadmin. After rebuilding with the patch from comment #4 and running for a while, I've noticed that *something* has upper-cased the domain portion of my usernames -- both in the database and as returned by the REST API. So it doesn't look like any additional jiggery pokery is necessary on that front.
3.2 has been released