SOI-CAC Component Does Not Pull Full Username From EDIPI field in Certificate During Authentication

book

Article ID: 103867

calendar_today

Updated On:

Products

CA Service Operations Insight (SOI)

Issue/Introduction

During testing of SOI's CAC/PIV using CRLs, SOI does not pull the entire username to pass over to EEM for authentication. It leaves out the first letter of the username on the CAC/PIV certificate. It should pull "[email protected]" but currently it only pulls "[email protected]" The soiui-debug.log logs the detail of the message with username having problem.

Environment

Release:
Component: SOIMGR

Resolution

- The problem got resolved after changing the regex to .*=.*=(.*.*@ca.com) in SamUI\webapps\sam\WEB-INF\cac\config\cac-system-config.xml and now the user name (showing up as email address) showing up without getting truncated.
Note: You'll have to recycle the CA SOI User Interface service after making the change.