Documentation On shib-attr allowed regex?
cantor.2 at osu.edu
Wed Aug 1 14:31:25 EDT 2018
On 8/1/18, 2:22 PM, "users on behalf of Bryan K. Walton" <users-bounces at shibboleth.net on behalf of bwalton+1533146256 at leepfrog.com> wrote:
> Can anybody point me to some documentation on what are the allowed
> regular expressions when setting up shib-attr to control authorization
> in Apache?
I just answered this the other day, there is none. I have no idea what Xerces supports so there is no answer. Avoiding exotic expressions is strongly advisable but yours aren't so my guess is you're not looking at the data you think. Hidden characters perhaps, who knows.
> We are working with an IdP that send multiple attributes, in a comma separated string.
That's a definite misuse of SAML.
More information about the users