0 Replies Latest reply on Mar 7, 2013 3:58 PM by ndrw_cheung

    How to make NameID in SAML message CASE-INSENSITIVE?

    ndrw_cheung
    ndrw_cheung Mar 7, 2013 3:58 PM

      Hi.  I'm using the following configuration for a security domain used by Picketlink (version 2.1.4) on JBoss EPP 5.2.1, but would like to make it so that the user's cn is case-INSENSITIVE.

       

      That is, I'd like to make it so that whe the user logs in, he can enter his username in any case (e.g. JOESMITH is the same as JoeSmith). Not sure if this can be configured here in the security domain or would it be configured in the PicketLink configuration files.

       

      Here are my current settings for the security domain:

       

      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">

                <module-option name="java.naming.provider.url">ldap://127.0.0.1:389</module-option>

                <module-option name="bindDN">cn=mygenericuser,ou=Canada,o=com</module-option>

                <module-option name="bindCredential">hello123</module-option>

                <module-option name="baseCtxDN">ou=Canada,o=com</module-option>

                <module-option name="baseFilter">(cn={0})</module-option>

                <module-option name="rolesCtxDN">ou=Canada,o=com</module-option>

                <module-option name="roleFilter">(cn={0})</module-option>

                <module-option name="roleAttributeID">employeetype</module-option>

      </login-module>

       

      Any help is appreciated.

       

        -Andrew