Convert usernames to lowercase in SAML Authentication
124 views
Skip to first unread message
Nandha Kumar Nagarajan
Sep 6, 2021, 4:51:20 AM9/6/21
to Repo and Gerrit Discussion
Hello Team,
I am working on to migrate our Gerrit instance from LDAP to SSO (SAML) authentication. Current version of our Gerrit is v2.14.20 and followed this doc for the migration - https://gerrit.googlesource.com/plugins/saml/+/refs/heads/stable-2.14
I can successfully migrate to SSO and it works fine. But noticing one issue. Which is, when we are using LDAP, we had following setting in gerrit.config file
[auth]
userNameToLowerCase = true ------->>>> This will just convert the incoming username to lowercase and check in DB for authenticating
[ldap]
userNameToLowerCase = true ------->>>> This will just convert the incoming username to lowercase and check in DB for authenticating
[ldap]
localUsernameToLowerCase=true ------>>>> This will convert username to lowercase and write/store it to DB
As per this setting, usernames will be converted to lowercase and then stored in Gerrit DB and during authentication also, same thing happens
But when we move to SSO, usernames are getting stored to Gerrit as it is (i.e) with capital letters. This is leading to creation of new accounts in Gerrit even though an account is already present with same the name but with lowercases.
I checked but unable to find an option for SAML similar to LDAP to convert usernames to lowercase
[auth]
userNameToLowerCase = true ------->>>> This will just convert the incoming username to lowercase and check in DB for authenticating
[saml]
userNameToLowerCase = true ------->>>> This will just convert the incoming username to lowercase and check in DB for authenticating
[saml]
<unknown> <<<<------- Option to convert username to lowercase like we have in ldap section
Any suggestions will be very helpful
Reply all
Reply to author
Forward
0 new messages