search

ma1uta / ma1sd

Federated Matrix Identity Server (formerly fork of kamax/mxisd)
GNU Affero General Public License v3.0
167 stars 56 forks source link

ldap: sanitation for attributes #63

Closed mk-hs closed 3 years ago

mk-hs commented 4 years ago

When SSO is configured for matrix, usernames are properly converted to lowercase upon login. uid: usER --> @user:domain.com This is necessary since matrix only allows lowercase in usernames.

When trying to map an ldap directory to user with ma1sd, no such sanitation happens. If the uid for a specific users includes uppercase letters, the resulting matrix id is unusable. uids: usER --> @usER@domain.com Matrix treats @usER:domain.com and @user:domain.com as different users.

I was unable to find any documentation on it, is it possible to sanitize ldap attributes like this?

q-wertz commented 4 years ago

having the same problem... would be a very important feature, as one can not always control the LDAP content

q-wertz commented 4 years ago

I tried to find the relevant code and tried to write a solution. As I am not very experienced with java and especially the ma1sd code I don't really know if this if correct. Should I just open a pull request and then you tell me how to do better?