Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
6.0.4, 6.2.4, 7.12.0
-
6
-
10
-
Severity 3 - Minor
-
0
-
Description
Steps to reproduce:
- configure JIRA connected to Crowd and connect it to LDAP
- create username in LDAP with trailing space . Eg: "johndoe " (please note the white space)
- synchronize Crowd with LDAP
- synchronize JIRA with Crowd
- (not a bug) user will be able to login with the trailing space.
in the database, run the queries below:SELECT concat('-',lower_user_name,'-'),hex(concat('-',lower_user_name,'-')) FROM cwd_user where lower_user_name like '%johndoe%'; +---------------------------------+--------------------------------------+ | concat('-',lower_user_name,'-') | hex(concat('-',lower_user_name,'-')) | +---------------------------------+--------------------------------------+ | -johndoe - | 2D7468796D65202D | +---------------------------------+--------------------------------------+ 1 row in set (0.00 sec) mysql> SELECT concat('-',lower_user_name,'-'),hex(concat('-',lower_user_name,'-')) , concat('-',user_key,'-'), hex(concat('-',user_key,'-')) FROM app_user where lower_user_name like '%johndoe%'; +---------------------------------+--------------------------------------+--------------------------+-------------------------------+ | concat('-',lower_user_name,'-') | hex(concat('-',lower_user_name,'-')) | concat('-',user_key,'-') | hex(concat('-',user_key,'-')) | +---------------------------------+--------------------------------------+--------------------------+-------------------------------+ | -johndoe - | 2D7468796D65202D | -johndoe - | 2D7468796D65202D | +---------------------------------+--------------------------------------+--------------------------+-------------------------------+ 1 row in set (0.00 sec)
- rename the user in LDAP, remove the trailing space. i.e : username become "johndoe" (minus the whitespace at the end)
- synchronize Crowd with LDAP
- synchronize JIRA with Crowd
- (BUG) in JIRA UI, navigate to _Administrations > Users > select on the username > JIRA throws error:
Cause Referer URL: https://jira.example.com/jira/secure/admin/user/UserBrowser.jspa java.lang.IllegalStateException: User 'johndoe' exists but has no unique key mapping. Hide stack trace java.lang.IllegalStateException: User 'johndoe' exists but has no unique key mapping. at com.atlassian.jira.user.util.DefaultUserManager.getUserByName(DefaultUserManager.java:262) at com.atlassian.jira.web.action.admin.user.ViewUser.getApplicationUser(ViewUser.java:82) at com.atlassian.jira.web.action.admin.user.ViewUser.getUser(ViewUser.java:75)
in the database, run the SQL queries below:
SELECT concat('-',lower_user_name,'-'),hex(concat('-',lower_user_name,'-')) FROM cwd_user where lower_user_name like '%johndoe%'; +---------------------------------+--------------------------------------+ | concat('-',lower_user_name,'-') | hex(concat('-',lower_user_name,'-')) | +---------------------------------+--------------------------------------+ | -johndoe- | 2D7468796D65202D | +---------------------------------+--------------------------------------+ 1 row in set (0.00 sec) mysql> SELECT concat('-',lower_user_name,'-'),hex(concat('-',lower_user_name,'-')) , concat('-',user_key,'-'), hex(concat('-',user_key,'-')) FROM app_user where lower_user_name like '%thyme%'; +---------------------------------+--------------------------------------+--------------------------+-------------------------------+ | concat('-',lower_user_name,'-') | hex(concat('-',lower_user_name,'-')) | concat('-',user_key,'-') | hex(concat('-',user_key,'-')) | +---------------------------------+--------------------------------------+--------------------------+-------------------------------+ | -johndoe - | 2D7468796D65202D | -johndoe - | 2D7468796D65202D | +---------------------------------+--------------------------------------+--------------------------+-------------------------------+ 1 row in set (0.00 sec)
we can see here that the app_user table is not updated even though the cwd_user table was updated after the synchronization. This mismatch cause the error to be thrown.
Workaround
- the workaround at JIRA Login Fails With the Message - User exists but has no unique key mapping can be used.
Attachments
Issue Links
- is related to
-
JRASERVER-69492 Strip trailing whitespaces from the Single sign-on issuer field
- Gathering Interest