I think you could strip it out using javascript.
Did you write an LDAP factor? Are you using PAM?
Liam
On Mon, Jul 14, 2014 at 1:50 PM, Michael Ghen <mikeg...@brandeis.edu> wrote:
> I do not see @brandeis.edu anywhere. I think it only shows up when
> someone manually types it after their username. Is there a way to configure
> cosign such that if it sees @brandeis.edu it will still just check Active
> Directory? Basically just ignore the @brandeis.edu?
>
>
> On Mon, Jul 14, 2014 at 1:42 PM, Liam Hoekenga <li...@umich.edu> wrote:
>
>> Do you see @brandeis.edu show up in the UI? Something's got to be
>> adding it before the form is POSTed, otherwise the mysql stuff wouldn't be
>> getting invoked.
>>
>> Liam
>>
>>
>> On Mon, Jul 14, 2014 at 12:57 PM, Michael Ghen <mikeg...@brandeis.edu>
>> wrote:
>>
>>> Thanks again, I appreciate the help. We use AD via LDAP. I'm not sure
>>> that we're seeing occurrences of "@brandeis....@brandeis.edu" that was
>>> just a hunch. Do you have any other suggestions for things to try?
>>>
>>>
>>> On Mon, Jul 14, 2014 at 11:49 AM, Liam Hoekenga <li...@umich.edu> wrote:
>>>
>>>> I was mostly thinking that if you wanted to, you could use passwd to
>>>> configure usernames containing @brandeis.edu to point at a kerberos
>>>> realm instead of the guest system.
>>>> Are you using AD via LDAP or kerberos? I believe that "passwd" only
>>>> lets you configure kerberos and guest (mysql), so if you're using LDAP or
>>>> PAM to actually handle the authentication, it probably wouldn't be useful.
>>>>
>>>> The @brandeis.edu and the "cannot connect to guest database" are
>>>> pretty clearly connected.
>>>> The occurrences of "@brandeis....@brandeis.edu" suggest to me that
>>>> maybe you've got something in the UI that's updating the form value. An
>>>> over-zealous javascript? A default value in the username field of the
>>>> login form?
>>>>
>>>> Liam
>>>>
>>>>
>>>> On Mon, Jul 14, 2014 at 11:39 AM, Michael Ghen <mikeg...@brandeis.edu>
>>>> wrote:
>>>>
>>>>> We use Active Directory.
>>>>>
>>>>>
>>>>> On Mon, Jul 14, 2014 at 11:35 AM, Liam Hoekenga <li...@umich.edu>
>>>>> wrote:
>>>>>
>>>>>> Are you using kerberos on the backend?
>>>>>>
>>>>>> Liam
>>>>>>
>>>>>>
>>>>>> On Mon, Jul 14, 2014 at 11:34 AM, Michael Ghen <mikeg...@brandeis.edu
>>>>>> > wrote:
>>>>>>
>>>>>>> Thanks Liam,
>>>>>>>
>>>>>>> I am not using the passwd directive. Will using it resolve this
>>>>>>> issue?
>>>>>>>
>>>>>>> Mike
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Jul 14, 2014 at 11:22 AM, Liam Hoekenga <li...@umich.edu>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> The man page for cosign.conf explains the "Unable to connect to
>>>>>>>> guest account database" error:
>>>>>>>>
>>>>>>>> The keyword passwd is used to control password based
>>>>>>>> authentication of
>>>>>>>> a user using the Kerberos and MySQL internal authenticators.
>>>>>>>> Where this
>>>>>>>> keyword is not specified, usernames containing an ’@’ are
>>>>>>>> authenticated
>>>>>>>> through mysql, all other usernames are authenticated with
>>>>>>>> Kerberos.
>>>>>>>>
>>>>>>>> Are you using the "passwd" directive in your cosign.conf?
>>>>>>>> If so, what do the entries look like?
>>>>>>>>
>>>>>>>> Liam
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Jul 14, 2014 at 10:06 AM, Michael Ghen <
>>>>>>>> mikeg...@brandeis.edu> wrote:
>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>>
>>>>>>>>> My name is Mike and I work at Brandeis University where we use
>>>>>>>>> Cosign. Recently, we've noticed that when a user enters their
>>>>>>>>> username with
>>>>>>>>> @brandeis.edu at the end, they recieve this error: "Unable to
>>>>>>>>> connect to guest account database."
>>>>>>>>>
>>>>>>>>> We're trying to remove this error so that user can still sign in
>>>>>>>>> but we're unsure about where it is generated. We think that cosign is
>>>>>>>>> appending "@brandeis.edu" before it looks up the account which
>>>>>>>>> would make the username have "...@brandeis....@brandeis.edu." We
>>>>>>>>> could not find anything in the configuration files to suggest that is
>>>>>>>>> the
>>>>>>>>> case. While we explore other options, I figured I would reach out for
>>>>>>>>> help
>>>>>>>>> from the Cosign community. If anyone has any suggestions or can offer
>>>>>>>>> any
>>>>>>>>> guidance, please let me know.
>>>>>>>>>
>>>>>>>>> Thank you,
>>>>>>>>>
>>>>>>>>> Mike
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>> Want fast and easy access to all the code in your enterprise?
>>>>>>>>> Index and
>>>>>>>>> search up to 200,000 lines of code with a free copy of Black
>>>>>>>>> Duck®
>>>>>>>>> Code Sight™ - the same software that powers the world's
>>>>>>>>> largest code
>>>>>>>>> search on Ohloh, the Black Duck Open Hub! Try it now.
>>>>>>>>> http://p.sf.net/sfu/bds
>>>>>>>>> _______________________________________________
>>>>>>>>> Cosign-discuss mailing list
>>>>>>>>> Cosign-discuss@lists.sourceforge.net
>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck®
Code Sight™ - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
