Hi,
I have ProjeQtor connected to an Active Directory for user provisionning and authentication. When a user connects, it happens that sometimes he enters his username in lowercase/uppercase ending with two different users in the postgresql projeQtor database.
How can i prevent this, forcing all usernames to be upper/lowercase ?
TIA
Try this patch :
In /tool/loginCheck.php, replace line 80 from
$user=new User();
to
$user=new User();
$paramLdap_allow_login=Parameter::getGlobalParameter('paramLdap_allow_login'); // If ldap is enabled, look for username without case sensitive, as it will be stored this way.
if (isset($paramLdap_allow_login) and strtolower($paramLdap_allow_login)=='true') {
$crit=array('name'=>strtolower($login));
$users=$user->getSqlElementsFromCriteria($crit,true);
if ( count($users)==1 ) {
$user=$users[0];
}
}
Hello and thank you for submitting a patch promptly,
I have tried with my username which is uppercase. I removed the second user (myself in lowercase), applied the patch and logged in both with upper and lowercase username. I still have a new user created with the username lowercase. I think the patch will work for new users (not yet created before the patch or whom usernames are already lowercase). For those already in the users table, maybe we should add a check to see if the user already exists and then retain the case of the user present in database, like this:
compare strtolower(username provided) to strtolower(all users in database); if there is a match, retain the username_already_existing_in_the_database as the login_provided, for subsequent ldap queries, changing its case.
As ProjeQtor aims to be multilangual, I don't know how strtolower will behave when username is in some languages like cyrilic, chinease, hebrew or arabic in which there is no uppercase .
Yes, this quick patch controls that name in lowercase does not exist as it it will create new user with lowaercase.
So existing dupplicates with uppercase will not be detected.
Here is the patch that will fit your need :
$user=new User();
$paramLdap_allow_login=Parameter::getGlobalParameter('paramLdap_allow_login'); // If ldap is enabled, look for username without case sensitive, as it will be stored this way.
if (isset($paramLdap_allow_login) and strtolower($paramLdap_allow_login)=='true') {
$critWhere="lower(name)='".strtolower($login)."'");
$users=$user->getSqlElementsFromCriteria(null,true,$critWhere);
if ( count($users)==1 ) {
$user=$users[0];
}
}
En poursuivant votre navigation, vous acceptez le dépôt de cookies tiers destinés au bon fonctionnement et à la sécurisation du site (gestion de session, reCaptcha) et à une analyse statistique anonymisée des accès sur notre site (Google Analytics). Si vous vous inscrivez, les informations que vous fournirez ne seront jamais divulguées à un tiers sous quelque forme que ce soit. En savoir plus
Cookies settings
×
Functional Cookies
Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.
Session
Please login to see yours activities!
Other cookies
Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.