Hi, If an attribute is case insensitive or not is up to the schema definition. In RFC 4517 where uid is defined it clearly states that uid is case insenstive so CAS should handle this out of the box. The easiest way is to return the uid instead of the user supplied user id. This way it doesn't matter what the user supplies, it returnes the correct value to the application.
2.39. 'uid' (RFC 4517)
The 'uid' ('userid' in RFC 1274) attribute type contains computer
system login names associated with the object. Each name is one
value of this multi-valued attribute.
(Source: RFC 2798 [RFC2798] and RFC 1274 [RFC1274])
( 0.9.2342.19200300.100.1.1 NAME 'uid'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
1.3.6.1.4.1.1466.115.121.1.15 refers to the Directory String syntax
[RFC4517].
Pål Axelsson
> -----Ursprungligt meddelande-----
> Från: [email protected] [mailto:[email protected]]
> För Shi Yusen
> Skickat: den 29 januari 2009 20:38
> Till: Yale CAS mailing list
> Ämne: Re: Userid toLowerCase
>
> Not sure what LDAP you are using. LDAP is case-sensitive. I think it's
> wrong to lowercase userid.
>
> If it's OpenLDAP, you can simply add :caseExactmatch:, e.g.
> <param name="Attribute">uid:caseExactmatch:=%u</param>
>
> If your LDAP is backed up by a Kerberos which caused the case
> insensitive, you can search LDAP to get the case-sensitive userid from
> SearchResult after logged in successfully.
>
> Regards,
>
> Shi Yusen/Beijing Langhua Ltd.
>
> 在 2009-01-28三的 11:58 +0100,Pablo Millet写道:
> > As LDAP binding is not case-sensitive users can login with uppercase
> as
> > userid and run in to problems later on when navigating to other
> > case-sensitive CAS-clients.
> >
> > I use org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler
> as
> > authenticationhandler.
> > With CAS2 I solved it simply by doing toLowerCase on
> > TicketGrantingTicket creation.
> >
> > Question;
> > I need to convert userid's toLowerCase in CAS3.
> > Before I go ahead I'd like to ask you if you done this already and if
> > you have any recommendations or 'best practice' on where and how to
> do
> > the lower-case convertion?
> > Can I do this the "Spring" way somehow... any examples?
> >
> > Thanx
> > - Pablo
> > Running CAS 3.3
> >
> >
> >
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
