Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Internal hostnames not case-insensitive matched #730

Closed
strehle opened this issue Nov 8, 2017 · 6 comments
Closed

Internal hostnames not case-insensitive matched #730

strehle opened this issue Nov 8, 2017 · 6 comments
Labels
accepted Accepted the issue

Comments

@strehle
Copy link
Member

strehle commented Nov 8, 2017
edited
Loading

What version of UAA are you running?

4.7.1 or develope

How are you deploying the UAA?

cf push into own space

What did you do?

created an own domain and defined in own YAML.
zones:
internal:
hostnames:
- uaa.domain.com

What did you expect to see? What goal are you trying to achieve with the UAA?

curl -k https://uaa.domain.com/info -> OK
curl -k https://UAA.DOMAIN.COM/info -> OK

What did you see instead?

curl -k https://uaa.domain.com/info -> OK
curl -k https://UAA.DOMAIN.COM/info -> cannot resolve zones exception

Workaround

  zones:
    internal:
      hostnames:
        - uaa.domain.com
        - UAA.DOMAIN.COM

However the names should be matched case insensitive, https://tools.ietf.org/html/rfc4343
The zone resolution does a lower convert always, but the internal hostnames are matched as string.
Browser also convert names to lower case therefore there you cannot see it, but with curl
@cf-gitbot
Copy link

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/152666953

The labels on this github issue will be updated when the story is started.

@tnwang
Copy link
Contributor

tnwang commented Nov 17, 2017

Hi @strehle we see there's an extra O at the end of COM in https://UAA.DOMAIN.COMO/info

When we try upper casing, we see the response come back correctly. Could that be the cause?

@strehle
Copy link
Member Author

strehle commented Nov 18, 2017
edited
Loading

Hi @tnwang no I can see this issue with curl commands from a Linux console, sorry COMO was a typo.

exec:
curl -k https://UAA.DOMAIN.COM/info . I can see this also with a local running UAA with curl because of

https://github.com/cloudfoundry/uaa/blob/master/server/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityZoneResolvingFilter.java#L74
instead of case ignore match

I see the response from UAA because of sad_cloud.png (error page) otherwise a router in front of UAA would answer

@sreetummidi
Copy link
Contributor

@strehle PRs welcome :)
We won't be able to get to it anytime soon

@strehle
Copy link
Member Author

strehle commented Jan 30, 2018

@sreetummidi ok, I will do that, but please reopen it, I will assign this ticket to a PR and then it goes the standard way of a usual correction

@strehle strehle mentioned this issue Feb 8, 2018
Merged
@strehle
Copy link
Member Author

strehle commented Feb 8, 2018

hi @sreetummidi , you mentioned PR is welcome, see #769

@strehle strehle mentioned this issue Apr 4, 2018
Closed
strehle pushed a commit that referenced this issue Dec 6, 2024
fix(deps): update dependency org.junit:junit-bom to v5.11.2 (#730)
f77eb64 
Co-authored-by: ospo-renovate[bot] <84706+ospo-renovate[bot]@users.noreply.github.wdf.sap.corp>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
accepted Accepted the issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@cf-gitbot @sreetummidi @strehle @tnwang