LDAP auth vs database auth case sensitivity leads to HTTP 500 #3516
I think we would simply add an additional configuration option, telling ZM to use this code. Something like ZM_CASE_INSENSITIVE_USERNAMES. Then people can do whatever they need to do. Pretty trivial. Do you want to fund an hour of my time to get it into the next ZM release?
Thanks. I'll fork it and do a PR
Issue #3516 case insensitive login
Thanks!
…sernames to lower case usernames in database #3516
…RNAMES as name was too long #3516
Case insensitive login - Fix spacing #3516
Just re-opening this issue to check something. Do I need to do a PR specifically to merge these changes into release-1.36 (rather than master), or are these changes scheduled to be in the next major release? I don't mind doing a fresh PR for this and testing again if needed, since there are major differences between master and release-1.36. Thanks!
…sernames to lower case usernames in database #3516
…RNAMES as name was too long #3516
It has been merged to release-1.36 and will be released in 1.36.29 today.
To allow Zoneminder to authenticate with LDAP, an admin will set AUTH_TYPE to "remote" and configure Apache to authenticate with the LDAP server. Then, the same username is created in Zoneminder. The problem is that LDAP authentication is case insensitive, so a user can log in with a valid account which doesn't match the case used for Zoneminder's user.
e.g. the user in Zoneminder's database might be "John.Doe", but LDAP would allow "john.doe" to authenticate.
After authenticating with the correct username, but one that doesn't match the exact case used for the user in the Zoneminder database, the user is given an HTTP error 500.
A temporary solution we have is to change
zoneminder/web/includes/auth.php
Line 323 in 2e22cd5
to
```php
$user = dbFetchOne($sql, NULL, array(strtolower($_SERVER['REMOTE_USER'])));
```
and then only create lower-case usernames in Zoneminder's database. But we have to change this file manually after every update. I was thinking of making a pull request for this, but it would break users that just use simple "htpasswd" authentication (and don't use lower-case usernames).

Are there any long-term solutions for this? Thanks
Extra info, to follow the issue template:
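The opt-in lookup discussed in this thread, as an added example; it is not ZoneMinder's code and not the change that was merged. The function name `findRemoteUser`, the `$caseInsensitive` flag (standing in for the proposed setting), the `Users`/`Username` schema and the in-memory SQLite rows are all assumptions constructed for illustration. It also refuses a case-folded name that matches more than one account, which is the collision risk case-insensitive matching introduces.

```php
<?php
// Hypothetical helper (not ZoneMinder code): resolve the name the web server
// authenticated (REMOTE_USER) to exactly one application account, or to null.
function findRemoteUser(PDO $db, ?string $remoteUser, bool $caseInsensitive): ?array
{
    if ($remoteUser === null || $remoteUser === '') {
        return null; // the web server authenticated nobody
    }
    if ($caseInsensitive) {
        // Fold both sides the same way. strtolower() and SQLite's LOWER()
        // both fold ASCII letters only, so the two stay consistent.
        $stmt = $db->prepare('SELECT Id, Username FROM Users WHERE LOWER(Username) = ?');
        $stmt->execute([strtolower($remoteUser)]);
    } else {
        // Exact match: the behaviour plain htpasswd setups rely on.
        $stmt = $db->prepare('SELECT Id, Username FROM Users WHERE Username = ?');
        $stmt->execute([$remoteUser]);
    }
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    // Zero rows: no such account. More than one row: two accounts differ only
    // by case, so the folded name is ambiguous and must not pick either one.
    return count($rows) === 1 ? $rows[0] : null;
}

// Constructed sample data: one mixed-case account and one colliding pair.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Users (Id INTEGER PRIMARY KEY, Username TEXT NOT NULL)');
$db->exec("INSERT INTO Users (Username) VALUES ('John.Doe'), ('alice'), ('Alice')");

$cases = [
    ['john.doe', false], // the failing case from the report: case mismatch
    ['john.doe', true],  // same login with the opt-in enabled
    ['ALICE', true],     // folds onto two accounts
];
foreach ($cases as [$name, $ci]) {
    $user = findRemoteUser($db, $name, $ci);
    // A null result should become a clean authentication failure in the
    // caller, not an unhandled error that surfaces as HTTP 500.
    printf(
        "%-9s caseInsensitive=%-5s -> %s\n",
        $name,
        $ci ? 'true' : 'false',
        $user === null ? 'denied' : 'account ' . $user['Username']
    );
}
```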