Project

General

Profile

Actions

Feature #2047

open

Make SSO filter case-insensitive

Added by Tomáš Doischer almost 5 years ago. Updated almost 5 years ago.

Status:
New
Priority:
Normal
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
-
Start date:
02/10/2020
Due date:
% Done:

0%

Estimated time:
Owner:

Description

When using SSO to login to IdM, IdM basically compares login to the value it gets from Kerberos. Since AD is case-insensitive and IdM is case-sensitive, issues can arise because users can use any combination of lower and upper case in AD. IdM will then not find the user since the SSO filter is case-sensitive.

There is also the issue that right now you can have all of these accounts in IdM at the same time: "JNovak", "jnovak", "jNovak", "jnoVak" - this is also probably not ideal and would have to change if we were to make SSO filter case-insensitive.

Actions

Also available in: Atom PDF