cancel
Showing results for 
Search instead for 
Did you mean: 

Capitalization Issues

criedlberger
Champ on-the-rise
Champ on-the-rise

Hi Folks,Alfresco version: 5.2
Alfresco product: Content services (repo only)
REST API used: Alfresco login REST API via a ReactJS front-end.We have some users in our system who cannot login using their correct user and pass. This is happening with old and new users.
Looking at the database and Alfresco metadata, we have users in the system that are lowercase - however, the user cannot log in unless we send it an uppercase version.We have also tried logging into Share to see if that works. Same issue.For example,Database and metadata says “someuser”
Can only login as “someUser”Using the correct username will just respond with 403 bad user / password.Has anyone run into this before?
No changes or forcing of sensitivity has been set up. 

2 REPLIES 2

afaust
Legendary Innovator
Legendary Innovator

Unless the setting for case sensitive user names has been changed via alfresco-global.properties, Alfresco itself will always ignore the case of the user name, and I have not observed any issue with this on any Alfresco version so far. What may be a problem though is if authentication is integrated with LDAP or some other, external authentication system that might potentially care about the case of the user name. That would also explain why Alfresco stores the lower-cased user name in metadata (which is the default behaviour if setting for case sensitiveness in user names is on the default value of "false"), despite only seeming to accept the ones with some upper-cased letters.

Hi Axel, 

Come to think of it, we are using external auth with Shibboleth and header/cookie-based. 

There aren't any requirements that I can see in the setup which requires case sensitivity.

The thing that has me in a loop is that some usernames (without any capitals at all) will ONLY work if ANY capital letter is used. That does not seem logical at all - those usernames are being logged in using the Alfresco user/pass login API and are not going through external auth. 

I seem to be at a loss on this one.