IBM Support

PK85104: Unable to login under LDAP with username of opposite case

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Unable to login under LDAP with username of opposite case

Under Build Forge 7.1 environment with Oracle database backend,
LDAP users can only login under case of initial login to UI.

Expected behavior is that LDAP username can login with any varia
tion of case.

Steps to reproduce:

1. Connect to 7.1 console with LDAP configuration.
2. Log into console as LDAP user.

ie: E007

3. Logout as user.
4. Login again as user with different case

ie: e007

5. Error is received on UI.


Build Forge Error
Access is denied to the BuildForge console.

'Error authenticating: com.buildforge.services.common.api.APIExc
eption - API: Authentication Error.'

Please click here to try the same type of login again, or click
here to force a form login (user ID/password).


User can still log into console under username case used initial
, ie E007.
Catalina logs indicate that the console is attempting to create
a new user, which fails are the user's name is already is use.


Catalina log:

Apr 20, 2009 10:59:46 AM com.buildforge.services.server.sso.SSOM
anager authenticate
INFO: Authenticating user 'Domain/e007' for UI access.
Apr 20, 2009 10:59:46 AM com.buildforge.services.server.api.Auth
Context loginLdap
INFO: Creating new LDAP user: e007
Apr 20, 2009 10:59:46 AM com.buildforge.services.server.api.Auth
Context loginLdap
WARNING: Login failed - exception creating LDAP user
com.buildforge.services.common.api.APIException: Failed to creat
e or update the User because the Name 'Bond, Jim' is already in
use.

User can be removed from console, ( E007 ), and re-login under d
ifferent case ( e007 ).
This will create new user entry, which will cause issue to displ
ay on opposite case, ie E007.

Local fix

  • 



Problem summary


    

  • If you logged into BF for the first time with your ldap id
as USER@DOMAIN, then attempted to login as user@domain, the
login would fail as the ldap user check was case sensitive.

    



Problem conclusion


    

  • Changed the authentication code to check the ldap id in a
case insensitive manner.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PK85104
    • 

  • Reported component name
    BUILD FORGE EE
    • 

  • Reported component ID
    5724Q6101
    • 

  • Reported release
    700
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2009-04-21
    • 

  • Closed date
    2009-08-25
    • 

  • Last modified date
    2009-08-25
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    BUILD FORGE EE
    • 

  • Fixed component ID
    5724Q6101
    • 



Applicable component levels


    

  • R700  PSN
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSB2MV","label":"Rational Build Forge"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            25 August 2009
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback