Re: [cas-user] Leading White space in username/netid

[Bryan Wooten]

Thanks, I’ll test that tomorrow.

-Bryan

From: Dmitriy Kopylenko <dkopyle...@unicon.net<mailto:dkopyle...@unicon.net>>
Reply-To: "cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>" 
<cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>>
Date: Tuesday, August 4, 2015 at 5:23 PM
To: "cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>" 
<cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>>
Subject: Re: [cas-user] Leading White space in username/netid

https://groups.google.com/forum/m/#!topic/jasig-cas-user/pz-NZH9H7yI

Sent from my iPhone

On Aug 4, 2015, at 18:54, Bryan Wooten 
<bryan.woo...@utah.edu<mailto:bryan.woo...@utah.edu>> wrote:

Hi all,

Here is the scenario:


  1.  Login into our CASified Peoplesoft with a leading whitespace on the user 
name.
  2.  CAS authenticates against OpenDJ just fine
  3.  Peoplesoft gets the netid/username with the leading white space in 
REMOTE_USER (We are using the Wrapper Filter)
  4.  Peoplesoft can’t resolve the principle.

Second scenario with DUO


  1.  Login into the Peoplesoft portal as a user requiring Duo MFA, again with 
leading whitespace.
  2.  Get past initial CAS login page
  3.  Duo thinks this is a new Duo user and prompts for enrollment.

What is the deal with leading whitespace? Shouldn't the LDAP bind catch this 
and not authenticate?
Should the CAS login page use javascript to trim white space?
Should the CAS server auth module trim the whitespace on the backend?

Anyway this first appeared on the duo-users mail list today and I verified the 
behavior.

Unicon CAS-MFA 3.5.2 / OpenDJ LDAP.

Thoughts?

--
You are currently subscribed to 
cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: 
dkopyle...@unicon.net<mailto:dkopyle...@unicon.net>
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to 
cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: 
bryan.woo...@utah.edu<mailto:bryan.woo...@utah.edu>
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user