|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
mposolda@redhat.com made a comment on bug 793425
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
CAUSE: When you are creating new user/group, UI layer is trying to look if user/group with same name already exists. If it exists, it shows message in UI and it won't try to create such user/group.
OpenDS is not case-sensitive by default, but Picketlink IDM is doing case-sensitive comparison of user/group names. So when you try to search user "viLiam" and you already have "viliam", Picketlink IDM will return that user doesn't exist as it compares with respect to case-sensitivity by default. But when it tries to create user "viLiam", then it is failing because OpenDS is not case-sensitive and user "viliam" is already here.
FIX: It's possible to fix it by configure Picketlink IDM to compare user/group names in case-insensitive way. This can be done by switch option "allowNotCaseSensitiveSearch" of LDAPIdentityStore in picketlink-idm-config.xml file to true.
RESULT: So it's still case-sensitive by default. But customers have possibility to use the option and switch it to true to avoid exception. For now, it's documented here https://community.jboss.org/wiki/GateInIdentityAndSecurityFAQ in Q6/A6.