[ https://issues.apache.org/jira/browse/KYLIN-5600?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
huangsheng updated KYLIN-5600: ------------------------------ Attachment: image-2023-07-03-14-33-56-559.png > LDAP DN is not case sensitive, resulting in user login failure > -------------------------------------------------------------- > > Key: KYLIN-5600 > URL: https://issues.apache.org/jira/browse/KYLIN-5600 > Project: Kylin > Issue Type: Bug > Components: REST Service, Security > Affects Versions: 5.0-alpha > Reporter: huangsheng > Priority: Major > Fix For: 5.0-alpha > > Attachments: image-1.png, image-2023-07-03-14-33-19-505.png, > image-2023-07-03-14-33-56-559.png, image.png > > > In some user scenarios, uppercase and lowercase logins to LDAP fail. > Root Cause: > When all users are obtained from ldapUserService in the code, the attribute > names in the recorded dn contain uppercase letters, but the DN attribute > names passed in by customers when they log in to ldap are lowercase, > resulting in inconsistent capitalization and login failure. Customers here CN > =xxx,DU=xxx,DC=xxx, but ldap here is cn=xxx,du=xxx,dc=xxx > A point where later maintenance can be optimized: > When troubleshooting LDAP problems, there are often strange problems that the > user names cannot be matched. It is very laborious to troubleshoot. You need > to add this information to the log instead of printing it all the time. You > can consider printing it after polling for a number of times, and printing it > when it is loaded for the first time. and so on > -- This message was sent by Atlassian Jira (v8.20.10#820010)