Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-238

When using XWiki + Active directory , treat sAMAccountName (name) case insensitively.



    • Bug
    • Resolution: Duplicate
    • Major
    • None
    • 0.9.840
    • None
    • Xwiki, Microsoft Active Directory, Oracle Database
    • patch


      Our environment of Acive Directory (AD) is, lets say, not perferct. It has some userids/sAMAccount names in all lower case and some in mixed case. For eg, 'JSmith' for John Smith and 'jdoe' for John Doe.

      However, users use all lowercase when they log into machines. We integrated our XWiki with AD they would try log in with all lower case user id.

      But, for some users who had their samAccountName / user id stored in mixed case on AD, XWiki LDAPPlugin seems to do the following, when the log in with all lower case user id (jsmith)

      • Fetch login info, log them in and store the user with mixed case credentials in XWiki database (JSmith).
      • Compare the current user (jsmith) with the one in DB (JSmith)
      • Fail the login

      However, I see that a new user JSmith is created in XWiki.

      After digging through the logs, I have found that when it does fields mapping, it resets the name from AD. If I omit, name=sAMAccountName, it did not work for any users.

      After fetching 'name' field from AD, I am converting to lowercase. Some implementations may not like it, so it could be made configurable . (like IGNORE_UID_CASE_FOR_AD)

      ////// createUserFromLDAP 
       private void CreateUserFromLDAP(String susername, HashMap attributes, XWikiContext context) throws XWikiException {
      		System.out.println("authenticate - CreateUserFromLDAP");
              String ldapFieldMapping = getParam("ldap_fields_mapping",context);
              if (ldapFieldMapping != null && ldapFieldMapping.length() > 0)
                  String[] fields = ldapFieldMapping.split(",");
                  BaseClass bclass = context.getWiki().getUserClass(context);
                  BaseObject bobj = new BaseObject();
                  String name = null;
                  String fullwikiname = null;
                  for(int i = 0; i < fields.length; i++ )
                      String[] field = fields[i].split("=");
                      if (2 == field.length)
                         String fieldName = field[0];
                         if (attributes.containsKey(field[1]))
                             String fieldValue;
                             fieldValue = (String)attributes.get(field[1]);
                             if (fieldName.equals("name"))
      						   // Srini - 03/09 converting all names to lowercase
      						   if(fieldValue != null)
      						   	fieldValue = fieldValue.toLowerCase() ;
                                 name = fieldValue;
                                 fullwikiname = "XWiki." + name;
                                 bobj.setStringValue(fieldName, fieldValue);
      ///// the method continues /////////////////////////////////////////////


        1. current-users.png
          4 kB
          Dennis Carroll
        2. LDAPAuthServiceImpl-r3342.diff
          2 kB
          Dennis Carroll
        3. lenpalek.png
          4 kB
          Dennis Carroll
        4. MyLdapTest.java
          10 kB
          Dennis Carroll
        5. xwikiallgroup.png
          6 kB
          Dennis Carroll

        Issue Links



              tmortagne Thomas Mortagne
              spulugur Srini Pulugurtha
              1 Vote for this issue
              1 Start watching this issue