Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-945

User names in Elytron FileSystemRealm are not case sensitive on Windows

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 1.1.0.Beta43
    • None
    • None
    • None
    • Hide

      See BasicAuthnTestCase in https://github.com/wildfly/wildfly/pull/9619.

      Add user1 to a filesystem realm (lowercase 'u'):

      /subsystem=elytron/filesystem-realm=ApplicationFsRealm/identity=user1:add()
      /subsystem=elytron/filesystem-realm=ApplicationFsRealm/identity=user1:set-password(clear={password="password1"})
      /subsystem=elytron/filesystem-realm=ApplicationFsRealm/identity=user1:add-attribute(name=groups, value=["Users","Role1"])
      

      Try to log into application (mapped to the filesystem realm) as User1 (uppercase 'U') - it fails on Linux, but it passes on Windows.

      Show
      See BasicAuthnTestCase in https://github.com/wildfly/wildfly/pull/9619 . Add user1 to a filesystem realm (lowercase 'u'): /subsystem=elytron/filesystem-realm=ApplicationFsRealm/identity=user1:add() /subsystem=elytron/filesystem-realm=ApplicationFsRealm/identity=user1:set-password(clear={password= "password1" }) /subsystem=elytron/filesystem-realm=ApplicationFsRealm/identity=user1:add-attribute(name=groups, value=[ "Users" , "Role1" ]) Try to log into application (mapped to the filesystem realm) as User1 (uppercase 'U') - it fails on Linux, but it passes on Windows.

      User names are case sensitive on Linux but not on Windows when using the Elytron FileSystemSecurityRealm

      This is IMO a security issue. And it also affects platform certifications.

      If this is by any chance an expected behavior, then it has to be emphasized in documentation and in the domain model too (description of file-system-realm)

              jkalina@redhat.com Jan Kalina (Inactive)
              josef.cacek@gmail.com Josef Cacek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: