Lou DeGenaro commented on UIMA-5114:

Add new Java class CmdId which issues /usr/bin/id <userid> and returns the 
result.  Employ same during WS Login by user to determine userid o/s validity 
before attempting ldap validation.  Returned string must contain 
"("<userid>")", e.g. "(degenaro)", in the first blank-delimited token in order 
to be considered o/s valid.

> DUCC Web Server (WS) needs better user validation for login
> -----------------------------------------------------------
>                 Key: UIMA-5114
>                 URL: https://issues.apache.org/jira/browse/UIMA-5114
>             Project: UIMA
>          Issue Type: Bug
>          Components: DUCC
>            Reporter: Lou DeGenaro
>            Assignee: Lou DeGenaro
>             Fix For: 2.2.0-Ducc
> A user is able to login to ducc (via ldap) as first.last.  But the actual 
> linux userid is First.Last, and when ducc_ling tries to employ first.last the 
> switch-to-user fails.
> WS could employ the command "/usr/bin/id first.last" to validate the userid 
> before delegating to ldap.

This message was sent by Atlassian JIRA

Reply via email to