[
https://issues.apache.org/jira/browse/UIMA-5114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15506609#comment-15506609
]
Lou DeGenaro commented on UIMA-5114:
------------------------------------
Add new Java class CmdId which issues /usr/bin/id <userid> and returns the
result. Employ same during WS Login by user to determine userid o/s validity
before attempting ldap validation. Returned string must contain
"("<userid>")", e.g. "(degenaro)", in the first blank-delimited token in order
to be considered o/s valid.
> DUCC Web Server (WS) needs better user validation for login
> -----------------------------------------------------------
>
> Key: UIMA-5114
> URL: https://issues.apache.org/jira/browse/UIMA-5114
> Project: UIMA
> Issue Type: Bug
> Components: DUCC
> Reporter: Lou DeGenaro
> Assignee: Lou DeGenaro
> Fix For: 2.2.0-Ducc
>
>
> A user is able to login to ducc (via ldap) as first.last. But the actual
> linux userid is First.Last, and when ducc_ling tries to employ first.last the
> switch-to-user fails.
> WS could employ the command "/usr/bin/id first.last" to validate the userid
> before delegating to ldap.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
