[go: up one dir, main page]
Page MenuHomePhabricator
Create Task
Maniphest T279974

Investigate making cas capable of handling case insensitive usernames
Closed, DuplicatePublic
Actions

Description

I was recently referred to a link on people.wikimedia.org which required logging in using SSO. As described in T279832#6992542, I was originally given access using the username "huji" but when I logged in successfully as "Huji" I got a permission denied error. @Urbanecm had to add me also as "Huji" with upper case H so that I could log in. Presumably, I could have accessed that resource if I had entered my username as "huji" when I logged in.

The point is, if the login box allows me to enter either of those and log in successfully, any underlying permission check should also gracefully handle it. In this case, it did not.

This may be related to T256656 and T275920

Related Objects

Event Timeline

Huji created this task.Apr 13 2021, 12:15 AM
Urbanecm added a comment.Apr 13 2021, 9:59 AM

Noting my .htaccess config for the resource I intended to share:

AuthType CAS
Require cas-attribute memberOf:cn=nda,ou=groups,dc=wikimedia,dc=org
Require cas-attribute memberOf:cn=wmf,ou=groups,dc=wikimedia,dc=org
Require user urbanecmtest
Require user huji
Require user Huji
Pppery updated the task description. (Show Details)May 24 2021, 1:37 AM
Aklapper added a project: Infrastructure-Foundations.Jun 21 2021, 8:59 PM
RhinosF1 subscribed.Apr 11 2022, 4:56 PM
TheresNoTime removed a subscriber: RhinosF1.Dec 15 2022, 11:36 PM
jbond closed this task as a duplicate of T256656: Investigate making cas usernames case sensitive.Jun 26 2023, 2:35 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits