  1. CDAP
  2. CDAP-9181

LDAP is case insensitive but authorization is not, causing a mismatch.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 4.1.0, 4.0.0, 3.5.0
    • Fix Version/s: 5.0.0
    • Component/s: Security

      Description

      This case insensitivity allows users to log in with any combination of lower and upper case, e.g. a user alice can log in to the CDAP UI as Alice, aLice, ALICE, etc., but if the privileges were granted to the user "alice" then the user won't be able to access the entities when logged in as "Alice".

      This probably cannot be solved by simply ignoring the case while enforcing authorization, as some other authentication integration could be case sensitive and authorization enforcement will have to respect that.
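
Added example, not part of the issue or of CDAP's code: a small Python model of the mismatch described above, and one possible way to reconcile it by canonicalizing the principal per authentication backend instead of ignoring case globally. All class, method and entity names are hypothetical, and `casefold()` is an assumed stand-in for the directory's own case-insensitive matching.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class AuthBackend:
    """Hypothetical description of an authentication integration."""
    name: str
    case_insensitive: bool  # True for a directory that matches login names ignoring case

    def canonical_principal(self, login_name: str) -> str:
        # Fold case only when the backend itself treats the spellings as one identity.
        # Assumption: casefold() approximates the directory's matching rule.
        return login_name.casefold() if self.case_insensitive else login_name

@dataclass
class PrivilegeStore:
    """Hypothetical grant table keyed by principal name."""
    backend: AuthBackend
    grants: dict = field(default_factory=dict)  # principal -> {(entity, action)}

    def grant(self, principal: str, entity: str, action: str) -> None:
        key = self.backend.canonical_principal(principal)
        self.grants.setdefault(key, set()).add((entity, action))

    def is_authorized_raw(self, principal: str, entity: str, action: str) -> bool:
        # Behaviour reported in the issue: exact match on the name typed at login.
        return (entity, action) in self.grants.get(principal, set())

    def is_authorized(self, principal: str, entity: str, action: str) -> bool:
        # Enforcement uses the same canonical form as the grant path.
        key = self.backend.canonical_principal(principal)
        return (entity, action) in self.grants.get(key, set())

def demo() -> dict:
    entity, action = "namespace:default", "READ"  # constructed sample values
    ldap = PrivilegeStore(AuthBackend("ldap", case_insensitive=True))
    ldap.grant("alice", entity, action)
    strict = PrivilegeStore(AuthBackend("case-sensitive-idp", case_insensitive=False))
    strict.grant("alice", entity, action)
    return {
        "ldap_raw_Alice": ldap.is_authorized_raw("Alice", entity, action),
        "ldap_canonical_Alice": ldap.is_authorized("Alice", entity, action),
        "strict_Alice": strict.is_authorized("Alice", entity, action),
        "strict_alice": strict.is_authorized("alice", entity, action),
    }

if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {allowed}")
```

With the case-sensitive backend, "Alice" and "alice" stay distinct principals, which is the constraint the description raises against folding case at enforcement time.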


            People

            • Assignee:
              poorna Poorna Chandra
              Reporter:
              Nishith Nishith Nand