Details
-
Bug Report
-
Resolution: Fixed
-
L3 - Default
-
7.10.0-alpha3
-
None
Description
Context:
- When using LDAP (at least in some setups), the user name is not treated as case-sensitive when making a user query, i.e. user names demo and DEMO both identify the same user
- When making an LDAP user query, the result contains the actual case-correct user id, i.e. either demo or DEMO (or deMO or whatever)
Problem description
- The actual user id is demo
- I log into Cockpit with user name DEMO
- I create user operation logs as that user => persisted user id is DEMO
- I switch to the user operation log view
- Cockpit cannot display the user operation log and creates a Javascript exception
Problem explanation:
- Cockpit raises an exception in the user operation log view, because for each operation log entry it fetches the user and (correctly) assumes that the user ids of that response and the id in the log entry match (case-sensitive)
Expected behavior:
- User operation logs should not be created with the user name that was used for log in (here DEMO), but with the actual user name provided by the user datasource (here demo)
- This id should be stored in the session and used for IdentityService#setAuthenticatedUser etc.
Side notes:
- There is a related problem with authorizations: If I create authorizations for user demo in the above scenario, then these authorizations have no effect if the user decides to log using DEMO
mgm-controller-panel
This is the controller panel for Smart Panels app
Attachments
Issue Links
- is related to
-
-
- Closed
-