SOI-CAC Component Does Not Pull Full Username From EDIPI field in Certificate During Authentication

Document ID : KB000103867
Last Modified Date : 29/06/2018
Show Technical Document Details
Introduction:
During testing of SOI's CAC/PIV using CRLs, SOI does not pull the entire username to pass over to EEM for authentication. It leaves out the first letter of the username on the CAC/PIV certificate. It should pull "John.Doe@ca.com" but currently it only pulls "ohn.Doe@ca.com." The soiui-debug.log logs the detail of the message with username having problem.
Instructions:
- The problem got resolved after changing the regex to .*=.*=(.*.*@ca.com) in SamUI\webapps\sam\WEB-INF\cac\config\cac-system-config.xml and now the user name (showing up as email address) showing up without getting truncated.
Note: You'll have to recycle the CA SOI User Interface service after making the change.