[jira] [Commented] (UIMA-5114) DUCC Web Server (WS) needs better user validation for login
[ https://issues.apache.org/jira/browse/UIMA-5114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15596367#comment-15596367 ]

Lou DeGenaro commented on UIMA-5114:

Code is delivered.

> DUCC Web Server (WS) needs better user validation for login
> ---
>
> Key: UIMA-5114
> URL: https://issues.apache.org/jira/browse/UIMA-5114
> Project: UIMA
> Issue Type: Bug
> Components: DUCC
> Reporter: Lou DeGenaro
> Assignee: Lou DeGenaro
> Fix For: 2.2.0-Ducc
>
> A user is able to login to ducc (via ldap) as first.last. But the actual
> linux userid is First.Last, and when ducc_ling tries to employ first.last the
> switch-to-user fails.
> WS could employ the command "/usr/bin/id first.last" to validate the userid
> before delegating to ldap.

-- This message was sent by Atlassian JIRA (v6.3.4#6332)

[jira] [Commented] (UIMA-5114) DUCC Web Server (WS) needs better user validation for login
[ https://issues.apache.org/jira/browse/UIMA-5114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15596348#comment-15596348 ]

Lou DeGenaro commented on UIMA-5114:

Two bugs.

1. CmdId runnit() does not include userid on the command line
2. DuccHandlerUserAuthentication.handleDuccServletLogin() does not separate userid@domain soon enough

[jira] [Commented] (UIMA-5114) DUCC Web Server (WS) needs better user validation for login
[ https://issues.apache.org/jira/browse/UIMA-5114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15506624#comment-15506624 ]

Lou DeGenaro commented on UIMA-5114:

Code is delivered.

[jira] [Commented] (UIMA-5114) DUCC Web Server (WS) needs better user validation for login
[ https://issues.apache.org/jira/browse/UIMA-5114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15506609#comment-15506609 ]

Lou DeGenaro commented on UIMA-5114:

Add new Java class CmdId which issues /usr/bin/id and returns the result. Employ same during WS Login by user to determine userid o/s validity before attempting ldap validation. Returned string must contain "("")", e.g. "(degenaro)", in the first blank-delimited token in order to be considered o/s valid.
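
The check described in this thread, as an added example that is not DUCC's CmdId or any other project code: the userid is separated from userid@domain first, passed to /usr/bin/id as its own argument, and accepted only when the first blank-delimited token of the output contains "(userid)" with exact case. The class name OsUserCheck, the allow-list pattern and the sample id output are assumptions made for illustration.

```java
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.regex.Pattern;

// Added illustration; OsUserCheck and its methods are hypothetical names, not DUCC code.
public class OsUserCheck {
    // Conservative allow-list (an assumption): no leading '-', so the value
    // can never be interpreted by id as a command-line option.
    private static final Pattern SAFE = Pattern.compile("[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}");

    // Separate "userid@domain" before any o/s check; only the userid part goes to id.
    static String stripDomain(String login) {
        int at = login.indexOf('@');
        return at < 0 ? login : login.substring(0, at);
    }

    // True when the first blank-delimited token of id's output contains
    // "(userid)". String.contains is case-sensitive, so first.last != First.Last.
    static boolean matches(String idOutput, String userid) {
        if (idOutput == null) return false;
        String first = idOutput.trim().split("\\s+")[0];
        return first.contains("(" + userid + ")");
    }

    // Runs /usr/bin/id with the userid as a separate argument (no shell involved).
    static boolean isOsValid(String login) throws Exception {
        String userid = stripDomain(login);
        if (!SAFE.matcher(userid).matches()) return false;
        Process p = new ProcessBuilder("/usr/bin/id", userid).redirectErrorStream(true).start();
        String line;
        try (BufferedReader r = new BufferedReader(
                new InputStreamReader(p.getInputStream(), StandardCharsets.UTF_8))) {
            line = r.readLine();
        }
        return p.waitFor() == 0 && matches(line, userid);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample output for a host whose account is First.Last.
        String sample = "uid=1001(First.Last) gid=1001(users) groups=1001(users)";
        System.out.println(matches(sample, "First.Last"));                          // login typed with exact case
        System.out.println(matches(sample, stripDomain("first.last@example.org"))); // login typed in lower case
        System.out.println(isOsValid("root"));                                      // live lookup on this host
    }
}
```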