Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

User EIDs containing upper case characters inserted into Course Management tables causes authZ issues

Description

See the testing section for a description of the issue

If you query the sakai_realm_rl_gr, you can see the user popping in and out of the site, likely once every time refreshAuthzGroup is invoked.

Note that user EIDs in sakai_user_id_map are always inserted in lower case.

My best guess to the cause is that

  1. RefreshAuthzGroup adds the users from the providers.

  2. The next RefreshAuthzGroup invocation checks the providers to see if the student is still there

    1. It looks them up in lower case (using the value from sakai_user_id_map)

    2. It doesn't match the cm_ tables which maintain the same case

    3. The user is therefore removed from the realm

  3. RefreshAuthzGroup adds the users from the providers again, and the process repeats

 

Proposed solution: convert any user EIDs to lower case before they are inserted into the Course Management tables

 

Activity

Show:

Brian Baillargeon January 18, 2019 at 2:36 PM

Issued a PR for conversion scripts against sakai-reference: https://github.com/sakaiproject/sakai-reference/pull/47

Brian Baillargeon January 18, 2019 at 1:25 PM

Issued a PR. I would like to create a couple data conversion scripts to convert the cm_ tables' user_id columns to lower case; I'm not sure where to put them though; if anyone has any suggestions, please advise! The scripts will be very simple, mysql and oracle have the same format:

update (membership table) set user_id = lower(user_id);

The affected tables will be cm_membership_t, and cm_enrollment_t. The instructor_id column in cm_official_instructors_t may need the treatment as well

Fixed

Details

Priority

Affects versions

Fix versions

Components

Assignee

Reporter

Created January 18, 2019 at 11:04 AM
Updated March 8, 2019 at 10:05 AM
Resolved March 8, 2019 at 10:05 AM