[MGNLLDAP-126] Login is case sensitive Created: 23/Jul/20  Updated: 11/Mar/21  Resolved: 11/Mar/21

Status: Closed
Project: LDAP Connector
Component/s: None
Affects Version/s: 1.10.3
Fix Version/s: None

Type: Bug Priority: Neutral
Reporter: Carlos Cantalapiedra Assignee: Unassigned
Resolution: Won't Fix Votes: 0
Labels: 622, maintenance
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Problem/Incident
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:
Epic Link: Support

 Description   

After MGNLLDAP-117, LDAP users which logs in Magnolia through MagnoliaRoleResolver or MagnoliaGroupResolver needs an exact match between LDAP and Magnolia username (case sensitive).

Steps to reproduce

  1. Create an user at LDAP server with upperCase (e.g, myTestUser)
  2. Create an user at Magnolia's Security App matching the username in the step 1 but at lowerCase (e.g, mytestuser).
  3. Assign a group to him like travel-demo-editors
  4. At your ldap.properties file, set as groupResolverClass 
    Unknown macro: {{info.magnolia.jaas.sp.ldap.resolver.MagnoliaGroupResolver}

    }

  5. Restart server to apply ldap file changes
  6. Try to login using mytestuser 
  7. Check the login doesn't succeed

Expected results
LDAP users logins without any case sensitive restriction

Actual results
LDAP and Magnolia username must match

Workaround
N/A

Development notes
N/A



 Comments   
Comment by Jan Haderka [ 11/Mar/21 ]

This is not an issue, but a desired functionality. Username of user in Magnolia and in external identity provider (LDAP in this case), but be exact match down to the case to prevent impersonation and connecting incorrect users together.

Generated at Mon Feb 12 02:21:48 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.