Documentation On shib-attr allowed regex?
Bryan K. Walton
bwalton+1533146256 at leepfrog.com
Thu Aug 2 15:30:14 EDT 2018
Thanks Brian and Tom,
Your suggestion of combing the regex into 1 regex seems to have resolved
the issue.
thanks,
Bryan
On Wed, Aug 01, 2018 at 06:08:28PM -0400, Tom Scavo wrote:
> On Wed, Aug 1, 2018 at 5:51 PM, Brian Biggs <brian.biggs at sonoma.edu> wrote:
> >
> > On 08/01/2018 11:22 AM, Bryan K. Walton wrote:
> >>
> >> We setup our shib-attr strings like this:
> >>
> >> Require shib-attr carleton-ca-role ~ ^.*FNQM_ADMIN_CASUAL.*$
> >> Require shib-attr carleton-ca-role ~ ^.*FNQM_ADMIN_CONTINUING.*$
> >> Require shib-attr carleton-ca-role ~ ^.*FNQM_ACAD_CONTINUING.*$
> >> Require shib-attr carleton-ca-role ~ ^.*FNQM_CEJT.*$
> >
> > Just build 1 regex that handles all 4 cases?
> >
> > Require shib-attr carleton-ca-role ~
> > ^.*(FNQM_(ADMIN|ACAD|CEJT)(_(CASUAL|CONTINUING))?).*$
>
> That's an improvement but it matches more than you want (e.g., "FNQM_
> ACAD_ CASUAL" or "FNQM_CEJT_CONTINUING").
>
> Try this instead:
>
> Require shib-attr carleton-ca-role ~
> ^.*(FNQM_(ADMIN_CASUAL|ADMIN_CONTINUING|ACAD_CONTINUING|CEJT).*$
>
> Cheers,
>
> Tom
> --
> For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
--
Bryan K. Walton 319-337-3877
Linux Systems Administrator Leepfrog Technologies, Inc
More information about the users
mailing list