| Issue 485: | UserPassAuthServiceImpl authenticate() too open on user names | |
| 4 people starred this issue and may be notified of changes. | Back to list |
Affected Version: 2.0.24 (probably 2.1.2-rc2 as well)
Nasser Grainawi <nasser@codeaurora.org> wrote:
> > Gerrit keeps creating new accounts for users when they accidentally
> > include a space at the beginning or end of their user name when logging
> > in (auth is LDAP) or when they type their user name in CAPS. Is there a
> > way to process ${username} a bit before Gerrit creates a new account?
Ugh. I would have expected authentication to fail, at least if
spaces were included. *sigh*
You can't do what you need from the configuration file. You'll
have to hack the LdapRealm class's authenticate() method to do
processing on the username.
Actually, you might need to do that processing inside of the
UserPassAuthServiceImpl authenticate() method, to ensure that
the AccountManager is given a clean username just in case the
user actually is a new account.
IIRC, that class hasn't changed since 2.0.24, so you should
be able to develop the fix and easily back/forward-port it.
Mar 8, 2010
#1
sop@google.com
Status:
Started
Aug 10, 2010
(No comment was entered for this change.)
Owner:
mf...@codeaurora.org
Mar 25, 2011
Issue 888 has been merged into this issue.
Apr 11, 2011
I think we'll get to this later, but taking Martin off since we're not working on it currently.
Owner:
---
May 19, 2011
Issue 940 has been merged into this issue.
May 20, 2011
Looks like this was fixed in https://review.source.android.com/#change,17446
Status:
Released
Labels: FixedIn-2.1.6 |
|
| ► Sign in to add a comment |