By way of followup (thanks for the responses) in case anyone is looking for
ways to trim spaces from username during CAS login/authentication we opted to
use the Javascript option because it is simple and addresses the problem as
early as possible - on the login form.
Suggestions were to do this on the server to avoid browser issues, but we let
the browser handle it since it is not a part of core functionality but is
simply an aid to the user (ie. This fixes the fact that they shouldn't have put
spaces in or before their user name, if Javascript is not enabled then they
will have to just type it correctly).
We use onblur (works in most browsers) in the form to trim the username when
they leave the input:
In view/jsp/default/ui/casLoginView.jsp -
add "onblur="this.value=trimVal(this.value)" to the attributes
of form:input id="username"
In view/jsp/default/ui/includes/top.jsp -
Inside <head> Add the trimVal function:
<script>
function trimVal(string)
{
return string.replace(/\s/g,"")
}
</script>
I also like the fact that you can see the effect of this as soon as you move to
the password input (may even catch the users attention to the fact that they
are getting stray spaces in there).
Ted F. Fisher
Information Technology Services
-----Original Message-----
From: Marvin Addison [mailto:[email protected]]
Sent: Wednesday, November 13, 2013 12:50 PM
To: [email protected]
Subject: Re: [cas-user] trimming user name
> One problem is that if a user has a space preceding their user name
> our LDAP accepts that
Interesting. I was going to claim that's pretty weird, but I just tested it
against OpenLDAP using a Java-based client library and got the same results for
'username' and ' username'.
> This doesn't affect our Liferay portal, but when users hit anything in our
> Peoplesoft arena the CAS auth for that fails because of the space before the
> name (a space after the name is no problem).
The best way to address this is to normalize the principal ID in the
CredentialToPrincipalResolver component. For example, using
CredentialsToLDAPAttributePrincipalResolver you would set the
principalAttributeName property to the directory attribute that contains the
principal.
M
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
