This question about Authentication or Authorisation: Answered

mangled WikiName from LDAP


I am using Foswiki 1.0.9 on Debian Lenny x86_64 as installed from stable main contrib

I also have foswiki-ldapcontrib version 091118-207 installed, again from the Debian stable repository.

My goal is to have a user authenticate to Apache and have REMOTE_USER set and for that value in REMOTE_USER to be used to look up the WikiName in LDAP for the user. At this time REMOTE_USER is equal to the WikiName that I want used, but that may not always be true.

I am using

  • $Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::LdapApacheLogin';
I have verified that Apache is setting REMOTE_USER to ScottKoranda when I authenticate and gain access to my Foswiki installation.

I also have set the following:

  • $Foswiki::cfg{Ldap}{LoginAttribute} = 'x-LIGO-TWikiName';
  • $Foswiki::cfg{Ldap}{WikiNameAttribute} = 'x-LIGO-TWikiName';
  • $Foswiki::cfg{Ldap}{NormalizeWikiNames} = 0;
  • $Foswiki::cfg{Ldap}{NormalizeLoginNames} = 0;
In LDAP I have this for my record:

dn: employeeNumber=882,ou=people,dc=ligo,dc=org
 givenName: Scott
 sn: Koranda
 x-LIGO-TWikiName: ScottKoranda

So I expect Foswiki to show "Hello ScottKoranda" when I access the wiki. But instead I see "Hello Scottkoranda".

Why is ScottKoranda being mangled to Scottkoranda and how can I stop it?


The code in in a number of places calls lc to send the login name to lowercase, i.e.

$login = lc($login);

There is also a place in the subroutine normalizeWikiName where this code is called:

my $wikiName = '';
  foreach my $part (split(/[^$Foswiki::regex{mixedAlphaNum}]/, $name)) {
    $wikiName .= ucfirst(lc($part));

  return $wikiName;

I do not understand why this is done. I don't believe it to be any type of LDAP best practice.

I commented out the calls to lc and in normalizeWikiName I just set

$wikiName = $name;

and it works the way I need it to work now.

-- ScottKoranda

You above patch seems to makes normalizing wikinames a null operation, doesn't it. The same effect could be achieved by disabling $Foswiki::cfg{Ldap}{NormalizeWikiNames}

-- MichaelDaum - 06 Sep 2010

I did already have $Foswiki::cfg{Ldap}{NormalizeWikiNames}=0.

There are places in where the lowercase is applied even though normalization is switched off. For example in the subroutine cacheUserFromEntry there is this code:

  require Unicode::MapUTF8;
  $loginName = lc($loginName);
  $loginName = Unicode::MapUTF8::from_utf8(-string=>$loginName, -charset=>$Foswiki::cfg{Site}{CharSet})
    unless $Foswiki::cfg{Site}{CharSet} =~ /^utf-?8$/i;

  if ($this->{normalizeLoginName}) {
    $loginName = $this->normalizeLoginName($loginName);

So even though normalizeLoginName is false the lc is called once.

So I found that I did have to edit the code directly to remove the calls to lc.


-- ScottKoranda - 06 Sep 2010

QuestionForm edit

Subject Authentication or Authorisation
Extension LdapContrib
Version Foswiki 1.0.9
Status Answered
Topic revision: r4 - 06 Sep 2010, ScottKoranda
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy