Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-9771

LDAP group search is not case sensitive, but ACL determination is case sensitive

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Duplicate
    • Component/s: ldap-plugin
    • Labels:
      None
    • Environment:
      OS: Solaris 10 10/09 s10s_u8wos_08a SPARC
      JRE 1.6.0_18-b07
      Tomcat 5.5.28
    • Similar Issues:

      Description

      Let's assume that we have a LDAP group named Project_Builders, and Jenkins ACLs are configured for Project_builders.
      Once saved, the configuration shows that the group has been found (group icon).
      But people from the group cannot connect.Once the name is entered with the exact character's case, people can connect.

      As far as the LDAP based ACL control is case sensitive, the LDAP search should also be case sensitive. So, in such a situation, the icon should have been the error icon.

        Attachments

          Issue Links

            Activity

            Hide
            jlpinardon jlpinardon added a comment -

            Moreover, the behaviour is quite different with users.
            Search in LDAP is still case insentive, but ACL setting is also case insensitive. So a "SOMEONE" user declared with admin rights in Jenkins will be accepted in the configuration and this time will also be able to connect with admin rights !

            This is much more critical, because it could offer unwished possibilties to unwished people.

            Show
            jlpinardon jlpinardon added a comment - Moreover, the behaviour is quite different with users. Search in LDAP is still case insentive, but ACL setting is also case insensitive. So a "SOMEONE" user declared with admin rights in Jenkins will be accepted in the configuration and this time will also be able to connect with admin rights ! This is much more critical, because it could offer unwished possibilties to unwished people.

              People

              • Assignee:
                Unassigned
                Reporter:
                jlpinardon jlpinardon
              • Votes:
                1 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: