NUBIC / aker

A flexible security framework for Rack (and Rails) apps. Good for integration with legacy systems, CAS SSO (including proxying), machine and interactive authentication, and much more.
MIT License

Trim whitespace from usernames #16

Open rsutphin opened 12 years ago

rsutphin commented 12 years ago

Leading or trailing whitespace in a username is never significant. Aker should remove any present before validating credentials.

This could be done generically at the composite authority level so that individual authorities and modes don't have to duplicate the logic.

hannahwhy commented 11 years ago

An update: we saw an instance of this occurring in one of our CAS-using applications today. The CAS server recognized a username of the form [SPACE]name, but the application didn't.
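The composite-level normalization proposed in this issue, as an added sketch that is not part of the thread and not Aker's code: `normalize_username`, `ExactMatchAuthority` and `NormalizingComposite` are hypothetical names, and the user table is constructed sample data. It also covers the CAS case reported above, where a username arrives from an external service with a leading space.

```ruby
# Hypothetical names throughout; none of this is Aker's API.
# Trims leading/trailing whitespace, including Unicode spaces such as U+00A0
# that String#strip leaves in place. Interior whitespace is kept.
def normalize_username(raw)
  name = raw.to_s.gsub(/\A[[:space:]]+|[[:space:]]+\z/, "")
  name.empty? ? nil : name
end

# Stand-in for a single authority: exact-match lookups, no trimming logic.
class ExactMatchAuthority
  def initialize(users)
    @users = users # constructed sample data: { username => password }
  end

  def valid_credentials?(username, password)
    @users.key?(username) && @users[username] == password ? username : nil
  end

  def find_user(username)
    @users.key?(username) ? username : nil
  end
end

# Composite that normalizes the username once, then asks each authority.
class NormalizingComposite
  def initialize(*authorities)
    @authorities = authorities
  end

  # Only the username is trimmed; the password is passed through untouched.
  def valid_credentials?(username, password)
    delegate(:valid_credentials?, username, password)
  end

  # For usernames handed back by an external service such as a CAS server.
  def find_user(username)
    delegate(:find_user, username)
  end

  private

  def delegate(method, username, *rest)
    name = normalize_username(username) or return nil
    @authorities.each do |authority|
      result = authority.public_send(method, name, *rest)
      return result if result
    end
    nil
  end
end
```

A blank or whitespace-only username normalizes to `nil` and is rejected before any authority is consulted.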