Certainly ...
2017-01-24 14:06:30,503 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully authenticated [username: ccheltenham]> 2017-01-24 14:06:30,550 INFO [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Initial principal "ccheltenham" was not found in LDAP, returning null> 2017-01-24 14:06:30,550 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved principal null> 2017-01-24 14:06:30,551 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved principal ccheltenham> 2017-01-24 14:06:30,551 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler@1b89da7e authenticated ccheltenham with credential [username: ccheltenham].> 2017-01-24 14:06:30,551 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [username: ccheltenham] WHAT: supplied credentials: [username: ccheltenham] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Tue Jan 24 14:06:30 EST 2017 CLIENT IP ADDRESS: 10.153.111.228 SERVER IP ADDRESS: 10.153.111.217 ============================================================= > 2017-01-24 14:06:30,551 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [username: ccheltenham] WHAT: TGT-88-cc1EzA3nuAx2XlfxmcQ5WHoPJvPpUHfPW3ArlV7sat67X7SgN6-test-ba.dcis.hhs.gov ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Tue Jan 24 14:06:30 EST 2017 CLIENT IP ADDRESS: 10.153.111.228 SERVER IP ADDRESS: 10.153.111.217 ============================================================= -----Original Message----- From: David Lawson Sent: Tuesday, January 24, 2017 2:41 PM To: Chris Cheltenham Cc: [email protected]; Pathe Sow Subject: Re: [cas-user] Converting REMOTE_USER variable to all lower/upper case in mod_auth_cas v. 1.1? Can I get a few lines in each side of those lines? Thx. Good stuff > On Jan 24, 2017, at 2:17 PM, Chris Cheltenham <[email protected]> > wrote: > > Hello All, > > I did not find anything in the cas nor tomcat6 logs. > > All I can see is this from the tcp dump below. > > Does this mean anything to anyone? > > I am not well versed in network protocol not dump analysis. > > I am wondering if mod_auth_cas 1.1 is passing the variable correctly in the > first place. > > > > root@test-ba:/home/chrisc > tcpdump -qns 0 -A -r app-remote_user.pcap > | grep USER reading from file app-remote_user.pcap, link-type EN10MB > (Ethernet) > <name > xsi:type="xsd:string">HTTP_USER_AGENT</name> > <name > xsi:type="xsd:string">REMOTE_USER</name> > .......N...............select o.CMID,p0.USERCAPABILITY from CMOBJECTS o left > outer join CMOBJPROPS17 p0 on o.CMID=p0.CMID where o.CMID in (:1 ,:2 ,:3 ,:4 > ,:5 ,:6 ,:7 ,:8 ,:9 ,:10 ,:11 ,:12 ,:13 ,:14 ,:15 ,:16 ,:17 ,:18 ,:19 ,:20 > ,:21 ,:22 ,:23 ,:24 ,:25 ,:26 ,:27 ,:28 ,:29 ,:30 ,:31 ,:32 ,:33 ,:34 ,:35 > ,:36 ,:37 ,:38 ,:39 ,:40 ,:41 ,:42 ,:43 ,:44 ,:45 ,:46 ,:47 ,:48 ,:49 ,:50 > ,:51 ,:52 ,:53 ,:54 ,:55 ,:56 ,:57 ,:58 ,:59 ,:60 ,:61 ,:62 ,:63 ,:64 ,:65 > ,:66 ,:67 ,:68 ,:69 ,:70 ,:71 ,:72 ,:73 ,:74 ,:75 ,:76 ,:77 ,:78 > )...........................i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i..............i.. > ...............CMID......................USERCAPABILITY........xu...."..... > var g_PS_USER_productLocale = "en"; > root@test-ba:/home/chrisc > > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Bryan K. Walton > Sent: Tuesday, January 24, 2017 9:36 AM > To: [email protected] > Subject: Re: [cas-user] Converting REMOTE_USER variable to all lower/upper > case in mod_auth_cas v. 1.1? > > Hi Chris, > > When we look at the request logs in our application, we see the REMOTE_USER > variable. For some users, they come across in all upper case, for others, > they come across in all lower case. And it doesn't matter whether the person > authenticates to the CAS server in upper case or lowercase. The variable > seems to be set by the CAS server. > > -Bryan > >> On Tue, Jan 24, 2017 at 02:20:36PM +0000, Chris Cheltenham wrote: >> Brian, >> >> That is interesting. We have a similar situation where when using Red Hat 5, >> mod_auth_cas 1.0.9 would successful pass the REMOTE_USER variable. >> However, when we switched to Red Hat 7 using mod_auth_cas 1.1 the >> application is NOT picking up the REMOTE_USER variable. >> >> My question is , How do you know the variable is being passed in lower case? >> Do you see it in tcpdump or something similar? >> >> >> >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] On Behalf Of >> Bryan K. Walton >> Sent: Tuesday, January 24, 2017 8:46 AM >> To: [email protected] >> Subject: [cas-user] Converting REMOTE_USER variable to all lower/upper case >> in mod_auth_cas v. 1.1? >> >> I hope I'm not double posting here. If so, I apologize, I first sent this to >> the google groups address for cas-community, rather than to the cas-user >> email address. >> >> We have a mod_auth_cas implementation running on Red Hat 7 server. We have >> an application authenticating against a CAS server where the majority of >> users are passed to the application in uppercase. >> >> However, that same CAS server passes some users in lowercase. Is there a >> way in mod_auth_cas to convert all usernames to either uppercase or >> lowercase, overriding what the CAS authentication server sends? >> >> The application is making use of the REMOTE_USER variable. >> >> Thanks! >> Bryan >> >> -- >> - CAS gitter chatroom: https://gitter.im/apereo/cas >> - CAS mailing list guidelines: >> https://apereo.github.io/cas/Mailing-Lists.html >> - CAS documentation website: https://apereo.github.io/cas >> - CAS project website: https://github.com/apereo/cas >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/20170124134546.GC15928%40iridonia.inside.leepfrog.com. >> >> -- >> - CAS gitter chatroom: https://gitter.im/apereo/cas >> - CAS mailing list guidelines: >> https://apereo.github.io/cas/Mailing-Lists.html >> - CAS documentation website: https://apereo.github.io/cas >> - CAS project website: https://github.com/apereo/cas >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/MWHPR17MB1213405D80462366CAE0F9CCC4750%40MWHPR17MB1213.namprd17.prod.outlook.com. > > -- > Bryan K. Walton 319-337-3877 > Linux Systems Administrator Leepfrog Technologies, Inc > > -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/20170124143613.GE15928%40iridonia.inside.leepfrog.com. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/MWHPR17MB1213AB7852D21DA27AB266F5C4750%40MWHPR17MB1213.namprd17.prod.outlook.com.
