Documentation On shib-attr allowed regex?

Tom Scavo trscavo at gmail.com
Wed Aug 1 18:08:28 EDT 2018


On Wed, Aug 1, 2018 at 5:51 PM, Brian Biggs <brian.biggs at sonoma.edu> wrote:
>
> On 08/01/2018 11:22 AM, Bryan K. Walton wrote:
>>
>> We setup our shib-attr strings like this:
>>
>> Require shib-attr carleton-ca-role ~ ^.*FNQM_ADMIN_CASUAL.*$
>> Require shib-attr carleton-ca-role ~ ^.*FNQM_ADMIN_CONTINUING.*$
>> Require shib-attr carleton-ca-role ~ ^.*FNQM_ACAD_CONTINUING.*$
>> Require shib-attr carleton-ca-role ~ ^.*FNQM_CEJT.*$
>
> Just build 1 regex that handles all 4 cases?
>
> Require shib-attr carleton-ca-role ~
> ^.*(FNQM_(ADMIN|ACAD|CEJT)(_(CASUAL|CONTINUING))?).*$

That's an improvement but it matches more than you want (e.g., "FNQM_
ACAD_ CASUAL" or "FNQM_CEJT_CONTINUING").

Try this instead:

Require shib-attr carleton-ca-role ~
^.*(FNQM_(ADMIN_CASUAL|ADMIN_CONTINUING|ACAD_CONTINUING|CEJT).*$

Cheers,

Tom


More information about the users mailing list