Hi all, Here is the scenario:
1. Login into our CASified Peoplesoft with a leading whitespace on the user name. 2. CAS authenticates against OpenDJ just fine 3. Peoplesoft gets the netid/username with the leading white space in REMOTE_USER (We are using the Wrapper Filter) 4. Peoplesoft can’t resolve the principle. Second scenario with DUO 1. Login into the Peoplesoft portal as a user requiring Duo MFA, again with leading whitespace. 2. Get past initial CAS login page 3. Duo thinks this is a new Duo user and prompts for enrollment. What is the deal with leading whitespace? Shouldn't the LDAP bind catch this and not authenticate? Should the CAS login page use javascript to trim white space? Should the CAS server auth module trim the whitespace on the backend? Anyway this first appeared on the duo-users mail list today and I verified the behavior. Unicon CAS-MFA 3.5.2 / OpenDJ LDAP. Thoughts? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
