[
https://issues.apache.org/jira/browse/KYLIN-5600?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
huangsheng updated KYLIN-5600:
------------------------------
Attachment: image-2023-07-03-14-33-56-559.png
> LDAP DN is not case sensitive, resulting in user login failure
> --------------------------------------------------------------
>
> Key: KYLIN-5600
> URL: https://issues.apache.org/jira/browse/KYLIN-5600
> Project: Kylin
> Issue Type: Bug
> Components: REST Service, Security
> Affects Versions: 5.0-alpha
> Reporter: huangsheng
> Priority: Major
> Fix For: 5.0-alpha
>
> Attachments: image-1.png, image-2023-07-03-14-33-19-505.png,
> image-2023-07-03-14-33-56-559.png, image.png
>
>
> In some user scenarios, uppercase and lowercase logins to LDAP fail.
> Root Cause:
> When all users are obtained from ldapUserService in the code, the attribute
> names in the recorded dn contain uppercase letters, but the DN attribute
> names passed in by customers when they log in to ldap are lowercase,
> resulting in inconsistent capitalization and login failure. Customers here CN
> =xxx,DU=xxx,DC=xxx, but ldap here is cn=xxx,du=xxx,dc=xxx
> A point where later maintenance can be optimized:
> When troubleshooting LDAP problems, there are often strange problems that the
> user names cannot be matched. It is very laborious to troubleshoot. You need
> to add this information to the log instead of printing it all the time. You
> can consider printing it after polling for a number of times, and printing it
> when it is loaded for the first time. and so on
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
