← Back to team overview

mahara-contributors team mailing list archive

  1. mahara-contributors team
  2. Mailing list archive
  3. Message #28542

[Bug 1486699] [NEW] Username character limit preventing login via SAML

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Mahara version15.04.1

This report is in relation to my earlier forum post
https://mahara.org/interaction/forum/topic.php?id=7310 but I have
tracked down the problem.

Issue:

User is logging in via SAML and the user is being auto-created on first login.
Remote  username is a unique id  (example: 51c717bc-425c-4b31-9674-d38ba03b4f1f)
When the user tries subsequent logins they are rejected with a error message that the user already exists and cannot be created.

Reason:

When the user is auto-created only the first 30 characters of the unique id are stored in the username field so the user is not recognised as being on the system when cheaked agains the full username from the login.
The system then tries to auto-create the user, which fails because the full unique id is stored in the 'auth_remote_user' table.

Solution:

Changing  $maxlen  from 30 to 40 in function get_new_username() of
user.php populates the user name with the full unique id.

Maybe this could be a configurable option?

** Affects: mahara
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1486699

Title:
  Username character limit preventing login via SAML

Status in Mahara:
  New

Bug description:
  Mahara version15.04.1

  This report is in relation to my earlier forum post
  https://mahara.org/interaction/forum/topic.php?id=7310 but I have
  tracked down the problem.

  Issue:

  User is logging in via SAML and the user is being auto-created on first login.
  Remote  username is a unique id  (example: 51c717bc-425c-4b31-9674-d38ba03b4f1f)
  When the user tries subsequent logins they are rejected with a error message that the user already exists and cannot be created.

  Reason:

  When the user is auto-created only the first 30 characters of the unique id are stored in the username field so the user is not recognised as being on the system when cheaked agains the full username from the login.
  The system then tries to auto-create the user, which fails because the full unique id is stored in the 'auth_remote_user' table.

  Solution:

  Changing  $maxlen  from 30 to 40 in function get_new_username() of
  user.php populates the user name with the full unique id.

  Maybe this could be a configurable option?

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1486699/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next