Providing a custom UnknownUsername message with a ldap directAuthenticator

[Cantor, Scott]

I don't think this is your problem (specifically because using the "whole" string seemed to work), but there is a bug in the released version(s) that causes problems when chains of validators all signal different events.

It generally affects auditing more than anything else but I guess it's possible things are stepping on each other in other areas.

-- Scott