sp authorization with wildcard

Flannery, Sean sean.flannery at jwt.com
Thu Aug 29 10:08:28 EDT 2013


I'm trying to protect an app based on a custom LDAP attribute that requires a wild card search, ie

  <Location /chicagoprintstudio>
    AuthType shibboleth
    ShibRequireSession On
    require company-admin *Chicago*

IE, all people who administrate a Chicago company can access this URL.

It works if I do an exact value like

require company-admin ChicagoWestLoopPrintStudio

But if I do a wild card search, it doesn't let anyone in- maybe it interprets the "*" char literally?  Not sure.

Anyway wondering: am I just using bad regex, or is this not supported?

Any feedback is appreciated.


PS, I realize a group or a require statement that defines all the possible values (rather than a wild card) is the preferred solution and that will be our long term solution, but I'm wondering if I can do a short term solution while that's being worked on.

This transmission is intended solely for the person or organization to whom it is addressed and it may contain privileged and confidential information. If you are not the intended recipient you should not copy, distribute or take any action in reliance on it. If you believe you received this transmission in error please notify the sender.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130829/ccca2e88/attachment.html 

More information about the users mailing list