I believe there's also a PrincipalTransformer: https://github.com/Jasig/cas/blob/3.5.x/cas-server-core/src/main/java/org/jasig/cas/authentication/handler/PrincipalNameTransformer.java
On Fri, Jul 12, 2013 at 5:09 PM, Marvin Addison <[email protected]>wrote: > > However, when using username+password authentication, the literal > > username entered by the client is returned to the CAS client (cf. > > serviceValidate). I enter 'FrEd' and the application sees 'FrEd' instead > > of 'fred' or whatever it might be expecting. > > We recommend doing name canonicalization as part of principal > resolution. Many resolvers, including the LDAP components, provide a > means to specify an attribute to use for the principal ID. If you're > fetching attributes from the directory anyway (as most folks are) as > part of principal resolution, then it's pretty natural to do > normalization here. Many deployments will use the same attribute that > is the basis of the search that is part of the authentication process > (search+bind), but there's no measurable overhead if you're already > fetching attributes for other purposes. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
