LDAP and uppercase usernames not working?

Ivar_Nygard · September 1, 2006, 12:20pm

Hi

Running wildfire 301 authenticating users via LDAP.

I have problems with some users that have uppercase letters in their usernames.

Wildfire cannot lookup these users in LDAP and thus they are not authenticated.

Something about XMPP not supporting Uppercase in usernames ?

Any workarounds possible ?

when debugging I get

2006.09.01 13:37:04 Created hashtable with context values, attempting to create context…

2006.09.01 13:37:04 … context created successfully, returning.

2006.09.01 13:37:04 Starting LDAP search…

2006.09.01 13:37:05 … search finished

2006.09.01 13:37:05 User DN based on username ‘‘TESTUSER’’ not found.

2006.09.01 13:37:05 Exception thrown when searching for userDN based on username ‘‘TESTUSER’’

org.jivesoftware.wildfire.user.UserNotFoundException: Username TESTUSERnot found

at org.jivesoftware.wildfire.ldap.LdapManager.findUserDN(LdapManager.java:511)

at org.jivesoftware.wildfire.ldap.LdapManager.findUserDN(LdapManager.java:439)

at org.jivesoftware.wildfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:90)

at org.jivesoftware.wildfire.auth.AuthFactory.authenticate(AuthFactory.java:127)

at org.jivesoftware.wildfire.net.SASLAuthentication.doPlainAuthentication(SASLAuth entication.java:336)

at org.jivesoftware.wildfire.net.SASLAuthentication.handle(SASLAuthentication.java :172)

at org.jivesoftware.wildfire.net.SocketReadingMode.authenticateClient(SocketReadin gMode.java:117)

at org.jivesoftware.wildfire.net.BlockingReadingMode.readStream(BlockingReadingMod e.java:136)

at org.jivesoftware.wildfire.net.BlockingReadingMode.run(BlockingReadingMode.java: 62)

at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:123)

at java.lang.Thread.run(Unknown Source)

2006.09.01 13:37:05 Logging off myhost.mydomain.no/6a48b438 on org.jivesoftware.wildfire.net.SocketConnection@cd2192 socket: d1a1ab[SSL_RSA_WITH_RC4_128_MD5: Socket[addr=/123.4.56.789,port=2561,localport=5223]] session: org.jivesoftware.wildfire.ClientSession@1402eeb status: 1 address: myhost.mydomain.no/6a48b438 id: 6a48b438 presence:

LG1 · September 1, 2006, 12:25pm

Hi,

JM-394 is about uppercase usernames in LDAP, this could solve your problem and should be solved within a week for Wildfire 3.1.

LG

matt · September 6, 2006, 8:23am

Hey guys,

I can’'t reproduce this error. I created an account in AD named “Sally” and was able to authenticate without problems. Any additional clues about how to duplicate the issue?

Regards,

Matt

Ivar_Nygard · September 6, 2006, 11:32am

Your’'re right.

I just found out that the problem was that this user was missing a field in the directory

that I had in my search filter, but was set to =*

Some other users with CAPS in their username was also by coincidence missing this field, so I drew the wrong conclusion. Sorry !

John_Jarpe · November 6, 2006, 1:46pm

Hi Matt,

Sorry for entering this discussion (too?) late but it seems that I have this problem too. The (not so) funny thing is that it only happens for some users, and therefore is not reproducible. However when it happens it is always for the same users!

I use AD to authenticate users integration and some users have capital letters in their sAMAccountName (for example: Romeo.Montague). I first discovered that two users seemed to be missing from my roster, while having online sessions in the Wildfire Admin Console. I was using Wildfire 3.1.0beta3 then. I then upgraded to Wildfire 3.1.0 and these two users appeared on my roster. I thought the problem was solved but later I discovered that another user with uppercase letters in the username got the same problem. It doesn’'t help to restart the server or empty caches or nothing, this same user does not see other users, and does not appear on any roster. The online session is visible in Wildfire Admin Console though. Note that there are other users with uppercase letters in threir usernames that do not have this problem.

I will update the server to 3.1.1 and see what happens then.

I saw that the issue JM-394 had been closed as “Cannot reproduce” which is a pity since it seems to be exactly what happened to me. If I stumble upon some pattern in how to reproduce this I will let you know.

Regards,

/John

John_Jarpe · November 7, 2006, 8:59am

Hello again,

To make sure that uppercase usernames in LDAP really is the problem I changed sAMAccountName for the user that did not appear on other users (shared) roster to lowercase letters. I restarted Wildfire and when that user logged on he appeared on other users (shared) rosters again, and he also saw others on his roster!

I think this is proof that JM-394 really IS a bug, but I have unfortunately no way to reproduce except for giving a lot of users uppercase letters in their LDAP usernames and hope for the “best”.

Regards,

/John

John_Jarpe · November 7, 2006, 11:11am

I found this in my error.log and it might or might not have something to do with this error:

2006.11.07 04:52:30 org.jivesoftware.wildfire.ldap.LdapGroupProvider.populateGroups(LdapGroupProvide r.java:679)

java.lang.NullPointerException

This error message appears in the my error.log a couple of times each day. I’'m still using Wildfire version 3.1.0.

More regards,

/John