Authentication is OK and new account are created when using a wildcard caracter “*” and/or “?” in login
|Assignee:||Jaime Melis||% Done:|
|Target version:||Release 5.0|
|Affected Versions:||OpenNebula 4.14|
A user made a typo when login on Sunstone and add a
* to her login:
- the authentication was successful, which shouldn't
- a new account named
I made some test and the
* characters can be used anywhere in the login, but the
? character works only at the end of the login
#5 Updated by Rolandas Naujikas over 3 years ago
There also we have problem with space (blank) characters before or after username.
We found some users in our opennebula db as %20user or user%20.
After investigation we found this bug report and incomplete fix.
I'm not sure, but FILTER_ESCAPES could contain this to fix space/blank character:
'\ ' => '20',
I'm not sure if it is correct fix, but at least in our LDAP there are no users with space/blank characters in username (as uid).
There could be problems with LDAP authentification if for e.g. cn is used, which usually have spaces inside (for e.g. Last name + First name).