Bug 52965 – self service password reset does not work if different cases in username

Bug 52965 - self service password reset does not work if different cases in username


Summary:	self service password reset does not work if different cases in username

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	Self Service
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UMC maintainers
QA Contact:	UMC maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2021-03-19 21:42 CET by Florian Best
Modified:	2021-06-08 13:43 CEST (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Florian Best

2021-03-19 21:42:09 CET

The password reset link/token does not work if one queries a password for a username having different casing than the username in ldap (e.g. "Foo" instead of "foo").

A email is sent properly but the token is not accepted.