Bug #206
Trac login username not case sensitive but operations are
100%
Description
When logging in to the Trac site the supplied user name is not treated in a case sensitive way which results in the user being authenticated by LDAP, but the account information doesn't match with the credentials internally by Trac. So for example, I can login with username "VIEGLAIS", but that user has no permissions within Trac.
Since authentication is handled by Apache, it is likely the issue lies with mod_auth_ldap ignoring case (likely converting username to lowercase).
Unless there's a configuration option for mod_auth_ldap to preserve case, the best option might be to warn users to always use lower case for their user name when logging in.
History
#1 Updated by Dave Vieglais over 14 years ago
The uid and userid attributes are defined with "caseIgnoreMatch" in the OpenLDAP configuration, so it appears this behavior is by design, and altering it may have unintended consequences. Hence the viable options are to warn users or to hack Trac to force lower-case usernames (undesirable).
( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} }
#2 Updated by Matthew Jones over 13 years ago
- Status changed from New to Closed
Closing, as we are moving off of track so no longer an issue.
