Details
-
Bug
-
Resolution: Fixed
-
Medium
-
2.6
-
None
-
Standalone on Windows server with MSSQL database as storage for internal directory
Description
I tried the latest version of Crowd (2.6) because of CWD-2999 that is very similar to a bug that is affecting our application. But unfortunately it is not the same...
See the following HTTP session:
Request to /user:
GET /crowd/rest/usermanagement/1/user?username=CZE_LSobova&expand=attributes
Response:
<user name=\"CZE_LSobova\" expand=\"attributes\">
...
Create a token (without password validation), and check what is the real username:
Request to /session:
GET /crowd/rest/usermanagement/1/session/v1zpj5hseawU9PiG0qxbYw00?expand=user
Response:
<session expand=\"user\">
<token>
v1zpj5hseawU9PiG0qxbYw00
</token>
<user name=\"CZE_Lsobova\">
...
As you can see, these are not the same casing. And creating a dummy token just to know the real username is a performance hit that I would like to avoid as much as possible.
Attachments
Issue Links
- mentioned in
-
Wiki Page Loading...