ROR Upgrade – Duplicate Usernames Issue

Enterprise Support
1

**ROR Version1.63:

**Kibana Version8.14.3:

**Elasticsearch Version8.14.3:

Hello @coutoPL,

We would like to update our Elastic images to the latest ROR version (from 1.61 to 1.63). However, due to the introduction of this :face_with_monocle: Enhancement: Introduced validation to prevent multiple username entries in the users section, we’re currently facing a blocking issue.

Specifically, we need to duplicate usernames to handle both lowercase and uppercase variants (because of different authentication methods), and also to use the same usernames across different tenants.

Is there any alternative solution available? At the moment, this limitation is preventing us from upgrading to the latest ROR version, or even to 1.62.

Thank you in advance for your help.

Best regards,

2

Hi @rafikkcmed

There is the username case sensitivity setting setting in ROR. When you set it to “case-sensitive”, you should be able to have e.g. “user1” and “User1” names in the “users” section (at least I think it should behave like this). Would it solve your problem?

3

Hello @coutoPL ,
In fact, i have two authentication method, first one is ldap and second one is using oidc.
My ror configuratuion looks like:

  • username: [“user1234”, “user5678”]
    groups: [project1"]
    oidc_auth:
    name: “authentication1”
  • username: [“USER1234”, “USER5678”]
    groups: [“project1”]
    ldap_authentication:
    name: “authentication2”
  • username: [“user1234”, “user5678”]
    groups: [“project2”]
    oidc_auth:
    name: “authentication1”
  • username: [“USER1234”, “USER5678”]
    groups: [“project2”]
    ldap_authentication:
    name: “authentication2”

I added the case sensitivity option, but still have the same issue.
Best regards.

4

Oh, I see. Ok, if you need it, we will go back to the previous implementation (no duplicate username detection), but this time, it will be enabled using a feature flag. The current behaviour will be the default.

I will send you a pre-build to test soon.

5

@rafikkcmed it’s implemented. You can test it if you want to.

ROR 1.64.0-pre6 for ES 8.14.3
Here, you can find documentation on how to configure it.

6

ROR 1.64.0 with this functionality was released