We've made it a bit further along, thanks for the help thus far.
Time for the next question: What is the REGEX dialect of
*cas.person-directory.principal-transformation.pattern* ?
I'm trying various flavors of
^([a-zA-Z0-9.]+)@maine\.edu
both with and without escaping, and they all are blowing up, causing
immediate crash without even writing out an error message. We're using the
YAML config format, so the REGEX is enclosed in double-quotes. We need to
remove the scope from the principal's username after (Delegated)
authentication, if and only if it matches our domain (all other attempts
should fail to lookup attributes).
Does it require leading and trailing forward slashes ("/")?
Does it use some really odd REGEX dialect?
(And no, telling me it supports the Spring Expression Language is not
useful information, unless of course this isn't actually something
expecting a REGEX.)
Is there some better mechanism for this?
(No, filtering in the upstream delegated authenticator, and potentially
introducing a security hole large enough to drive a bus through, is not a
realistic "better" mechanism.)
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4868036a-30b2-492a-8e71-6812eb29df10n%40apereo.org.
