Setting up IdP3 to release set of attributes only to CAS users

Marvin Addison marvin.addison at
Fri Aug 14 10:45:31 EDT 2015

> One thing to note for posterity: expect collisions if you use a regex for
> the policy requirement rules on CAS services. It’s very likely that
> something like `^https://.*\.somegreatuniversity\.edu/.*`, for
> instance, is going to match some SAML SPs as well.

Good point. I think that in many cases the overlap would be intentional and
desirable, but if not it ought to be possible to construct more restrictive
regular expressions to scope it properly.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list