AnsweredAssumed Answered

case sensitive ldap username

Question asked by fogo on Jan 30, 2008
Latest reply on May 8, 2008 by arund
Hi,

Users log into our customized alfresco app with their AD credentials. Some users are imported from AD using the import tool so that we have their email  address and some other info about them. It all works pretty well except for this following scenario.

A user is imported and their username is set in the format of AName with the first 2 letters being capped (directly from AD). When a user logs in as aname it all maps correctly and and aname is recognized as AName. The problem comes when this user is added or removed from a group. If they are added to a group and then log in expecting to have access granted to that group. The
 public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
method of
AuthorityDAOImpl
looks for this user in the local
userToAuthorityCache
. This cache holds the new group membership against the user in the format AName only and not in the format aname. So if the user logs in as AName they are recognized as being in that group but if they log in as aname they aren't.

I found this JIRA item but am not sure if its linked. http://issues.alfresco.com/browse/RM-31

Outcomes