FOG Login with spaces in username



  • I activated the LDAP Plugin and connected it to an Microsoft AD but i can only login when there are no spaces in the usernames. I found out that the LDAP Plugin does its work perfectly but FOG itself can’t process the login after validation. I tried to create an user locally and it says ‘Invalid Input’ when there is a space.

    Thanks for the help in advance.



  • I’m sorry I haven’t answered for so long, but I’ve been busy a lot and haven’t been able to address this issue until now.

    First i only got the login of the FOG local users to work with the solution provided by @Tom-Elliott.
    I could login with usernames the contain spaces with the following changes:

    user.class.php:
    Line 214:
    Change the relevant regex from:

    (?=^.{3,40}$)^[\w][\w0-9]*[._-]?[\w0-9]*[._-]?[\w0-9]+$
    

    to:

    (?=^.{3,40}$)^[\w][\w0-9]*[ ._-]?[\w0-9]*[ ._-]?[\w0-9]+$
    

    fog.user.js
    Comment out:

    //regex: /^[\w][\w0-9]*[._-]?[\w0-9]*[.]?[\w0-9]+$/
    

    When i tried to login with a domain user that contains spaces (users without spaces worked already) i got the same problem, no error but no login.

    Then i figured out that the LDAP plugin uses the same check and regex so i had to edit this too:

    ldap.class.php
    Comment out:

            /**
             * Test the username for funky characters and return
             * immediately if found.
             */
    //        $test = preg_match(
    //            '/(?=^.{3,40}$)^[\w][\w0-9]*[._-]?[\w0-9]*[.]?[\w0-9]+$/i',
    //            $user
    //        );
    //        if (!$test) {
    //            return false;
    //        }
    

    Now it works like a charm. 😃

    Thanks to all people that were involved in this.

    This can be marked as solved.



  • @Tom-Elliott Thank you for providing a solution for this. I will test it tomorrow. I think if i found the right file before, i could have fixed it myself :). Thanks to all for the great support. I will reply tomorrow containing the results.


  • Senior Developer

    @Quazz The usernames, themselves, cannot have spaces. But from the overview of this, he’s using a field of the AD/LDAP that doesn’t care about spaces. For example, displayName over sAMAccountName


  • Moderator

    @Tom-Elliott I agree that it’s not a bug (everything is working as designed).

    I don’t have a lot of experience with AD; I was unsure what is and isn’t allowed. It seems that spaces in AD names are bad practice and cause more problems than they’re worth. (though it doesn’t seem impossible, just breaks half your stuff)


  • Senior Developer

    @Tom-Elliott When reading the topic at first I though this ought to be a bug. But learning more about it I don’t see it as a bug anymore. Moved it back to problems. I think you instructions will help the OP to make this work for his situation. Thanks!


  • Senior Developer

    @Quazz @Sebastian-Roth @Wayne-Workman @kek

    This isn’t a normal situation in my eyes. That’s not to say you can’t get spaces in your usernames.

    Change the relevant regex from: (?=^.{3,40}$)^[\w][\w0-9]*[._-]?[\w0-9]*[._-]?[\w0-9]+$ to:
    (?=^.{3,40}$)^[\w][\w0-9]*[ ._-]?[\w0-9]*[ ._-]?[\w0-9]+$

    And you should be able to create and use usernames with spaces. But again, this isn’t very common, especially when paired with AD logins. The userPrincipalName will still be without spaces.

    Probably a better method would be:
    (?=^.{3,40}$)^(?!.*[_\s-\.]{2,})[a-zA-Z0-9][a-zA-Z0-9_\s\-\.]*[a-zA-Z0-9]$ as it allows multiple spaces

    If you need the username to be longer or shorter than 40, 3 respectively just remove the first part of the line, or make the relevant numerical changes.

    the (?=^.{3,40}$) means Must be at least 3 characters and cannot exceed 40 characters (this includes spaces, dots, dashes, and underscores.

    Seeing as our schema for Usernames is set to 50 characters, you can’t have anything more than 50. So you could adjust the first part to simply be:
    (?=^.{1,50}$).

    It won’t show as invalid if you remove the line, but the database won’t be able to store the field.


  • Senior Developer

    I just want to understand the use case for a requirement to have spaces in the Username?

    The regex doesn’t allow for spaces, and creating usernames with spaces isn’t allowed as well.

    How is this a bug if this is intended? Too my knowledge, you cannot create an active directory | ldap user name (userprincipalname) with spaces.



  • Didn’t read enough - carry on.


  • Moderator

    https://github.com/FOGProject/fogproject/blob/master/packages/web/lib/fog/user.class.php#L214

    This function is where it validates the username.

    It uses the same regex as the javascript that checks when you try and manually create an account.

    @kek can you share some examples that failed so we could potentially modify it?

    It doesn’t seem difficult, but we need to know if it’s valid for your case.


  • Senior Developer

    @kek said in FOG Login with spaces in username:

    I error_log ged the search thats is executed when you try to Login.

    Can you share this?



  • @Sebastian-Roth said in FOG Login with spaces in username:

    @kek said in FOG Login with spaces in username:

    but it is also is not working because the LDAP Plugin looks if this username exists in the AD but this name does only exists in the web page field in some users.

    Can you be more specific on how you know this? You seem to have a lot of detail knowledge about how this works but you don’t post any of the details. Please share more of the information here.

    I made a lot of error_logs to see what the Plugin is searching for, but then i saw the Plugin is not the problem.
    I know that because the user got put in the Database after i tried to login a user, but it is not logging in.

    Reading between the lines I guess you have looked through the FOG (LDAP plugin) code already.

    Yes i looked in the LAP Plugin code to see what is the problem, but as already said the Plugin does it’s Job right.
    I error_log ged the search thats is executed when you try to Login.

    Please let us know where you see it’s doing the wrong thing.

    The problem lies by the FOG Login, and because i dont see in the Code why spaces aren’t allowed i made that post.

    I think this PHP Class is for the login: processlogin.class.php


  • Senior Developer

    @kek said in FOG Login with spaces in username:

    but it is also is not working because the LDAP Plugin looks if this username exists in the AD but this name does only exists in the web page field in some users.

    Can you be more specific on how you know this? You seem to have a lot of detail knowledge about how this works but you don’t post any of the details. Please share more of the information here. Reading between the lines I guess you have looked through the FOG (LDAP plugin) code already. Please let us know where you see it’s doing the wrong thing.



  • @Sebastian-Roth said in FOG Login with spaces in username:

    @kek said in FOG Login with spaces in username:

    Yes i put the username in that field with a dot instead of a space but it is also not working.

    What do you mean by that?

    I thought i could put the username separated with a dot in the Web Page field in the AD user properties page because only some persons need access to the FOG Server, but it is also is not working because the LDAP Plugin looks if this username exists in the AD but this name does only exists in the web page field in some users.


  • Senior Developer

    @Wayne-Workman Which database? If I get this right the OP want to use LDAP auth.



  • Set the username manually in the database? That’s what I’d think about doing for this very rare one-off. I can help you try that.


  • Senior Developer

    @kek said in FOG Login with spaces in username:

    Yes i put the username in that field with a dot instead of a space but it is also not working.

    What do you mean by that?



  • @Sebastian-Roth said in FOG Login with spaces in username:

    @kek said in FOG Login with spaces in username:

    I tried already another User Name Attribute like wWWHomePage but it does also not work.

    Also because of spaces??

    Yes i put the username in that field with a dot instead of a space but it is also not working.


  • Senior Developer

    @kek said in FOG Login with spaces in username:

    I tried already another User Name Attribute like wWWHomePage but it does also not work.

    Also because of spaces??


  • Moderator

    @Sebastian-Roth Yeah, I meant in FOG; spaces can be quite difficult to control correctly I think.


Log in to reply
 

315
Online

7.5k
Users

14.6k
Topics

137.4k
Posts