We have Windchill/PDMLink 9.1 M040 installed on solaris 10. We have set up basic auth against the corporate ldap (MS Active Directory) and we have an Info Engine adapter setup to map users and groups in AD. This all works well.
We recently setup single sign on using kerberos and this works well for authentication. However, the adapter grabs the REMOTE_USER value which is now set to <userid>@<userdomain> instead of <userid> for kerberos. This value does not map to any attribute in our AD and, therefore, the adapter reject it and doesn't allow any userId in. It appears that if I could remove the @<userdomain> portion of the REMOTE_USER variable after authentication then the adapter would work as expected.
Is there a way to remove the @<userdomain> portion after Apache authenticates but before the adapter grabs it to use it?
Thanks in advance for any help.