How to override username when using cert+auth?

Unanswered Question
Jan 3rd, 2014
User Badges:

Greetings!


When we have our ASA set to do certificate-only authentication, the session's username is set to the certificate's CN upon login. This works fine.


When we have our ASA set to do certificate + username and password authentication, the session's username is set to the username supplied by the user. I'd like to override this so that the session's username is set to the certificate's CN.


Here's an example of a log message:

production.log:2014-01-03 12:21:08.647 [DEBUG] Message from Host: vpn - Message - %ASA-4-722051: Group <GroupPolicy_RAVPN> User <billybob> IP <a.b.c.d> Address <w.x.y.z> assigned to session (pid:25691)


This is because I logged in as "billybob" at the login prompt. I'd really love it if the User were set to "billybobCert" instead, or whatever the CN of the certificate he was using is.


Any thoughts?


Thanks!

J

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion