huangsheng created KYLIN-5600:
---------------------------------
Summary: LDAP DN is not case sensitive, resulting in user login
failure
Key: KYLIN-5600
URL: https://issues.apache.org/jira/browse/KYLIN-5600
Project: Kylin
Issue Type: Bug
Components: REST Service, Security
Affects Versions: 5.0-alpha
Reporter: huangsheng
Fix For: 5.0-alpha
In some user scenarios, uppercase and lowercase logins to LDAP fail.
Root Cause:
When all users are obtained from ldapUserService in the code, the attribute
names in the recorded dn contain uppercase letters, but the DN attribute names
passed in by customers when they log in to ldap are lowercase, resulting in
inconsistent capitalization and login failure. Customers here CN
=xxx,DU=xxx,DC=xxx, but ldap here is cn=xxx,du=xxx,dc=xxx
A point where later maintenance can be optimized:
When troubleshooting LDAP problems, there are often strange problems that the
user names cannot be matched. It is very laborious to troubleshoot. You need to
add this information to the log instead of printing it all the time. You can
consider printing it after polling for a number of times, and printing it when
it is loaded for the first time. and so on
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
