Wei Han created KNOX-1078:
-----------------------------
Summary: Add option to preserve original string when lookup fails
in regex based identity assertion provider
Key: KNOX-1078
URL: https://issues.apache.org/jira/browse/KNOX-1078
Project: Apache Knox
Issue Type: Improvement
Components: Server
Affects Versions: 0.11.0
Reporter: Wei Han
Priority: Minor
Fix For: 0.12.0
Attachments:
0001-RegexIdentityAssertionFilter-add-an-option-to-preser.patch
Currently the Regex identify-assertion supports 'lookup' feature. When the
output matches any of the strings in the 'lookup' dictionary, it'll replace the
string with the new value. If there's no match, it'll replace the original
string with empty string.
?? <provider>
<role>identity-assertion</role>
<name>Regex</name>
<enabled>true</enabled>
<param>
<name>input</name>
<value>(.*)@(.*?)\..*</value>
</param>
<param>
<name>output</name>
<value>{1}_{[2]}</value>
</param>
<param>
<name>lookup</name>
<value>us=USA;ca=CANADA</value>
</param>
</provider>??
[email protected] will be translated to /user/member_USA
[email protected] will be translated to /user/member_CANADA
[email protected] will be translated to /user/member_
This patch adds an optional field use.original.on.lookup.failure. If sets to
true(defaults to false), it'll preserve the original string if there's no
match. So after this patch,
[email protected] will be translated to /user/member_uk
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
