Created [1] to track this [1] https://github.com/wso2/product-is/issues/1352
Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Sun, Sep 3, 2017 at 3:54 PM, Johann Nallathamby <[email protected]> wrote: > +1 > > It should be consistent and I also don't think we should be trimming. > > On Sun, Sep 3, 2017 at 12:40 PM, Farasath Ahamed <[email protected]> > wrote: > >> Hi Devs, >> >> Noticed that we trim the username when performing authentication in LDAP >> and AD Userstore Managers[1]. But we do not do trim the username in >> JDBCUserStoreManager[2]? >> >> IMO we should have the similar behaviour for all the user stores, ie. >> either we trim the username in each of them or we don't trim in any of them? >> >> On the other hand, I think we shouldn't trim the username at all since it >> leads to issue like[3], where the authentication was successful because of >> trimming the spaces silently but claims retrieval etc. fails due to the >> incorrect username with extra spaces. >> >> Appreciate your thoughts! >> >> >> [1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/or >> g.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/ >> core/ldap/ReadOnlyLDAPUserStoreManager.java#L357 >> >> [2] https://github.com/wso2/carbon-kernel/blob/f551d3530300a >> 43ca1afc2a56d62be34f2d72320/core/org.wso2.carbon.user. >> core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUser >> StoreManager.java#L1152-L1235 >> >> [3] https://wso2.org/jira/browse/IDENTITY-5864 >> >> >> Thanks, >> Farasath Ahamed >> Software Engineer, WSO2 Inc.; http://wso2.com >> Mobile: +94777603866 >> Blog: blog.farazath.com >> Twitter: @farazath619 <https://twitter.com/farazath619> >> <http://wso2.com/signature> >> >> >> > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Senior Lead Solutions Engineer > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
