Usernames are case sensitive #6733

Closed
khudgins opened this issue Jan 20, 2021 · 8 comments · Fixed by #9062

Comments

@khudgins

Describe the bug
Usernames in the Rundeck database are case sensitive. This creates issues when interacting with LDAP user stores that are case insensitive - we can create multiple user records for the same actual user when that happens.

My Rundeck detail

  • Rundeck version: All of them, current as of 3.3.7+
  • install type: All
  • OS Name/version: all
  • DB Type/version: all

To Reproduce

Log into Rundeck through the Rundeck login screen with LDAP auth enabled.

Log out.

Log in with the same user, but capitalized differently.

Log out.

Rundeck creates two internal user records based on the different capitalized usernames.

@hs-hub-world

Agree! And it generates redundant entries under the user summary page.

@gaddman

gaddman commented Mar 10, 2021

This also creates problems with ACLs. For example, if an ACL is created with a lower-case username allowing access to key storage, and then the user logs in with the same username but in a different case, they will have no access to their keys.

@niall-munnelly

niall-munnelly commented Mar 10, 2021 via email

@a118n

a118n commented Oct 8, 2021

Can confirm, fresh installation of Rundeck 3.4.4 - the bug is present.
Anything being done about it?
I think LDAP users should be distinguishable by their SID, not case-sensitive SamAccountName...

@a118n

a118n commented Nov 10, 2021

Rundeck 3.4.5 - issue still persists.

@gaddman

gaddman commented Dec 13, 2021

For matching ACLs the support team have advised us to use a regex. Which works and, because our ACLs are scripted, is easy enough:

by:
  username: '[mM][yY][uU][sS][eE][rR]'
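
A sketch of how the ACL pattern in the comment above could be scripted, added here as an illustration and not taken from the thread or from Rundeck. The function names and sample usernames are hypothetical, and Python's `re.fullmatch` stands in for Rundeck's matcher on the assumption that the whole username must match.

```python
import re


def case_insensitive_pattern(username: str) -> str:
    """Return a regex that matches `username` in any letter case.

    Letters become two-character classes ([mM]); every other character is
    escaped so that '.', '-' or '+' in an account name stays a literal and
    cannot widen the ACL to unrelated users.
    """
    parts = []
    for ch in username:
        lower, upper = ch.lower(), ch.upper()
        # Only characters with a single-character case pair get a class.
        if lower != upper and len(lower) == len(upper) == 1:
            parts.append(f"[{lower}{upper}]")
        else:
            parts.append(re.escape(ch))
    return "".join(parts)


def acl_by_fragment(username: str) -> str:
    """Render the `by:` section of an ACL policy for one user.

    The pattern is single-quoted because an unquoted YAML value starting
    with '[' is read as a flow sequence; a quote in the name is doubled.
    """
    pattern = case_insensitive_pattern(username).replace("'", "''")
    return f"by:\n  username: '{pattern}'\n"


def matches(acl_username: str, login: str) -> bool:
    """Assumption: the ACL regex must match the entire login name."""
    return re.fullmatch(case_insensitive_pattern(acl_username), login) is not None


if __name__ == "__main__":
    # Constructed sample logins: case variants of one user plus near misses.
    print(acl_by_fragment("myuser"), end="")
    for login in ["myuser", "MyUser", "MYUSER", "myuser2", "svcXdeploy-01"]:
        print(f"{login:15} myuser={matches('myuser', login)} "
              f"svc.deploy-01={matches('svc.deploy-01', login)}")
```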

@runwaldo

Another workaround could be adding caseInsensitive="true" to the JAAS login module so all usernames are passed to the payload as lower case by default.

@stale

stale bot commented Sep 17, 2023

In an effort to focus on bugs and issues that impact currently supported versions of Rundeck, we have elected to notify GitHub issue creators if their issue is classified as stale and close the issue. An issue is identified as stale when there have been no new comments, responses or other activity within the last 12 months. If a closed issue is still present please feel free to open a new Issue against the current version and we will review it. If you are an enterprise customer, please contact your Rundeck Support to assist in your request.
Thank you, The Rundeck Team
