Hi Andy, Thanks for the help! We went with a custom filter that sanitizes the username value. We might refactor it to a custom Authentication handler in the future, but a filter is seems like a pretty stable and simple solution for now.
kind regards, Rafiek Op donderdag 21 januari 2021 om 03:08:17 UTC+1 schreef Andy Ng: > Hi Rafiek, > > I can think of 3 methods of implementing your requirement: > > 1. *Using Principal Transformation:* > 1. e.g. > > https://apereo.github.io/cas/6.2.x/configuration/Configuration-Properties-Common.html#authentication-principal-transformation > > for Principal transformation for database > 2. However, this kind of principal transformation only do > transformation, it will not output error if the transformation not work > 3. Also, you are bounded by the default set of princiapl > transformation option allowed (to upper, to lower), which is doubt is > your > goal > 2. *Using pre-processor by Groovy script :* > 1. While I didn't used this before, by the description it seems > match your use case: > 2. > > https://apereo.github.io/cas/6.2.x/configuration/Configuration-Properties.html#authentication-pre-processing > 3. See if this will be useful, if not use the other options > 3. *Using custom Authentication Handler:* > 1. Another ways is to implement custom authentication handler > 2. see this for how to do it in older version of CAS: > https://apereo.github.io/2018/06/12/cas53-authn-handlers/ > 3. It is a lot more custom code, but those code usually is backward > compatible (I use custom authen starting from 5.1 all the way to 6.2, > seems > like still working without much edit) > 4. The best thing about this option, is that you will have full > control on how you sanitize the username, including using maybe other > component (e.g. JDBC) for your santization if you so choose > > See if this is useful. Or maybe other option available as well, if so > other can add in. > > Cheers! > - Andy > > On Monday, 18 January 2021 at 20:22:51 UTC+8 [email protected] > wrote: > >> Hi all, >> >> Does anybody know how to sanitize the username? We are able to send any >> sequence of characters for the username, but we would like to limit the >> allowed set of characters. >> >> regards, >> Rafiek >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e488fc0e-04a9-4be1-8595-1c81af57294fn%40apereo.org.
