So close. What I needed was a (normalizing) CredentialsToPrincipalResolver. Found a post by Marvin from 2012 (I hadn't noticed before) which pointed me in the right direction.
Tom. On Jul 12, 2013, at 4:05 PM, Tom Poage <[email protected]> wrote: >>> ...core/src/main/java/org/jasig/cas/authentication/handler/PrincipalNameTransformer.java > > Hmm, being discarded, this sounds like it may not accomplish what I was > hoping to do: ... >> * [email protected] or MAD\AENewman. After validation, this form >> of the >> * Principal name is discarded in favor of the choice made by the >> Resolver. ... > > In fact, I went ahead and implemented the above and it normalized the > username being sent to the LDAP directory for bind (again, I'm using > direct bind), but (1) log entries (cas.log) and (2) service ticket > response and (3) the TGT entry contained the non-normalized name. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
