Skip to content
Snippets Groups Projects

WIP: Use case-insensitive lookup for Kerberos Spnego identity.

Open Drew Blessing requested to merge dblessing/gitlab-ee:spnego_case_insensitive into master

What does this MR do?

Clients can send the Kerberos username/principal in any case - the Kerberos server itself does not care. However, GitLab stores the Kerberos username/principal as extern_uid in a case-sensitive format. This change uses an iwhere statement rather than find_by so it doesn't matter how the client send the username/principal.

Are there points in the code the reviewer needs to double check?

Should we have specs for this? Where? There isn't a clear place to put specs for this helper class.

Why was this MR needed?

It was causing inability to authenticate for a customer in https://gitlab.zendesk.com/agent/tickets/82669

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

Edited by Drew Blessing

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
Please register or sign in to reply
Loading