sp authorization with wildcard
Flannery, Sean
sean.flannery at jwt.com
Thu Aug 29 10:08:28 EDT 2013
Hello,
I'm trying to protect an app based on a custom LDAP attribute that requires a wild card search, ie
<Location /chicagoprintstudio>
AuthType shibboleth
ShibRequireSession On
require company-admin *Chicago*
</Location>
IE, all people who administrate a Chicago company can access this URL.
It works if I do an exact value like
require company-admin ChicagoWestLoopPrintStudio
But if I do a wild card search, it doesn't let anyone in- maybe it interprets the "*" char literally? Not sure.
Anyway wondering: am I just using bad regex, or is this not supported?
Any feedback is appreciated.
Sean
PS, I realize a group or a require statement that defines all the possible values (rather than a wild card) is the preferred solution and that will be our long term solution, but I'm wondering if I can do a short term solution while that's being worked on.
________________________________
This transmission is intended solely for the person or organization to whom it is addressed and it may contain privileged and confidential information. If you are not the intended recipient you should not copy, distribute or take any action in reliance on it. If you believe you received this transmission in error please notify the sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130829/ccca2e88/attachment.html
More information about the users
mailing list