Security

Reply
Contributor I

Multiple Strip Username Rules Not Working

I'm trying to strip both the host/ prefix as well as @FQDN from an EAP-TLS authentication and I cannot extract just the username from the request. I have tried multiple variation of the strip username rules:

/:user,user:@

user:@,/:user

 

The engine doesn't appear to be honoring both rules. If I apply the first variation, the resulting username is host/user. If I apply the second variation, the resulting username is user@FQDN. I cannot get just the user no matter how I alter the syntax. What am I missing?

Guru Elite

Re: Multiple Strip Username Rules Not Working

You should not be stripping host. It’s only designed to strip realms. You should use a different service for machine vs user authentications.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Multiple Strip Username Rules Not Working

We are using a different service, but we need the username for authorization. We're getting a 201 error: authentication failure, user not found.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: