milux
commented
1 year ago I think that this could be solved by implementing a filter that handles :caseIgnoreMatch.
Lacking time right now, unfortunately. PRs welcome. :wink:
Closed ThreeDPara closed 1 year ago
milux
commented
1 year ago I think that this could be solved by implementing a filter that handles :caseIgnoreMatch.
Lacking time right now, unfortunately. PRs welcome. :wink:
milux
commented
1 year ago Case insensitive comparison on attributes is now the default for ctldap 3.1.0, released today.
This should fix your issue.
First of all: thanks for this wrapper! Really great to have the integration with ChurchTools and (in our case) Nextcloud :)
We have the issue that the username is case sensitive. If the ChurchTools user has the cn TestUser, he cannot login with testuser, just with TestUser.
We have the following login filter defined: (&(&(|(objectclass=CTPerson)))(|(uid=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))(|(cn=%uid))))
There seems to exist an LDAP syntax like cn:caseIgnoreMatch:%uid but the LDAP server crashes when using this kind of syntax.
The issue is also not on the ChurchTools side, as the casing of the username doesn't matter there. There is simply no LDAP search result if the casing does not match.
Is there any chance to define the LDAP attribute values in filters as case insensitive? A substring filter with * (which is case insensitive) doesn't help here, as the username must match exactly (aside from the casing).