Issue 485: UserPassAuthServiceImpl authenticate() too open on user names
Status:  Released
Owner: ----
Closed:  May 2011
Reported by nas...@chromium.org, Mar 3, 2010
Affected Version: 2.0.24 (probably 2.1.2-rc2 as well)

Nasser Grainawi <nasser@codeaurora.org> wrote:
> > Gerrit keeps creating new accounts for users when they accidentally  
> > include a space at the beginning or end of their user name when logging  
> > in (auth is LDAP) or when they type their user name in CAPS. Is there a  
> > way to process ${username} a bit before Gerrit creates a new account?

Ugh.  I would have expected authentication to fail, at least if
spaces were included.  *sigh*

You can't do what you need from the configuration file.  You'll
have to hack the LdapRealm class's authenticate() method to do
processing on the username.

Actually, you might need to do that processing inside of the
UserPassAuthServiceImpl authenticate() method, to ensure that
the AccountManager is given a clean username just in case the
user actually is a new account.

IIRC, that class hasn't changed since 2.0.24, so you should
be able to develop the fix and easily back/forward-port it.
Mar 8, 2010
#1 sop@google.com
Change I7c5f8241c49c308800486f887afd66298be8c318 at least
trims the whitespace around the name.  But it doesn't do
case normalization.
Status: Started
Aug 10, 2010
#2 nas...@chromium.org
(No comment was entered for this change.)
Owner: mf...@codeaurora.org
Mar 25, 2011
#3 nas...@chromium.org
 Issue 888  has been merged into this issue.
Apr 11, 2011
#4 nas...@chromium.org
I think we'll get to this later, but taking Martin off since we're not working on it currently.
Owner: ---
May 19, 2011
Project Member #5 nas...@grainawi.org
Issue 940 has been merged into this issue.
May 20, 2011
Project Member #6 nas...@grainawi.org
Looks like this was fixed in https://review.source.android.com/#change,17446
Status: Released
Labels: FixedIn-2.1.6