[
https://issues.apache.org/jira/browse/KNOX-1078?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wei Han updated KNOX-1078:
--------------------------
Description:
Currently the Regex identify-assertion supports 'lookup' feature. When the
output matches any of the strings in the 'lookup' dictionary, it'll replace the
string with the new value. If there's no match, it'll replace the original
string with empty string.
<provider>
<role>identity-assertion</role>
<name>Regex</name>
<enabled>true</enabled>
<param>
<name>input</name>
<value>(.*)@(.*?)\..*</value>
</param>
<param>
<name>output</name>
<value>{1}_{[2]}</value>
</param>
<param>
<name>lookup</name>
<value>us=USA;ca=CANADA</value>
</param>
</provider>
[email protected] will be translated to /user/member_USA
[email protected] will be translated to /user/member_CANADA
[email protected] will be translated to /user/member_
This patch adds an optional field use.original.on.lookup.failure. If sets to
true(defaults to false), it'll preserve the original string if there's no
match. So after this patch,
[email protected] will be translated to /user/member_uk
was:
Currently the Regex identify-assertion supports 'lookup' feature. When the
output matches any of the strings in the 'lookup' dictionary, it'll replace the
string with the new value. If there's no match, it'll replace the original
string with empty string.
?? <provider>
<role>identity-assertion</role>
<name>Regex</name>
<enabled>true</enabled>
<param>
<name>input</name>
<value>(.*)@(.*?)\..*</value>
</param>
<param>
<name>output</name>
<value>{1}_{[2]}</value>
</param>
<param>
<name>lookup</name>
<value>us=USA;ca=CANADA</value>
</param>
</provider>??
[email protected] will be translated to /user/member_USA
[email protected] will be translated to /user/member_CANADA
[email protected] will be translated to /user/member_
This patch adds an optional field use.original.on.lookup.failure. If sets to
true(defaults to false), it'll preserve the original string if there's no
match. So after this patch,
[email protected] will be translated to /user/member_uk
> Add option to preserve original string when lookup fails in regex based
> identity assertion provider
> ---------------------------------------------------------------------------------------------------
>
> Key: KNOX-1078
> URL: https://issues.apache.org/jira/browse/KNOX-1078
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 0.11.0
> Reporter: Wei Han
> Priority: Minor
> Fix For: 0.12.0
>
> Attachments:
> 0001-RegexIdentityAssertionFilter-add-an-option-to-preser.patch
>
>
> Currently the Regex identify-assertion supports 'lookup' feature. When the
> output matches any of the strings in the 'lookup' dictionary, it'll replace
> the string with the new value. If there's no match, it'll replace the
> original string with empty string.
> <provider>
> <role>identity-assertion</role>
> <name>Regex</name>
> <enabled>true</enabled>
> <param>
> <name>input</name>
> <value>(.*)@(.*?)\..*</value>
> </param>
> <param>
> <name>output</name>
> <value>{1}_{[2]}</value>
> </param>
> <param>
> <name>lookup</name>
> <value>us=USA;ca=CANADA</value>
> </param>
> </provider>
> [email protected] will be translated to /user/member_USA
> [email protected] will be translated to /user/member_CANADA
> [email protected] will be translated to /user/member_
> This patch adds an optional field use.original.on.lookup.failure. If sets to
> true(defaults to false), it'll preserve the original string if there's no
> match. So after this patch,
> [email protected] will be translated to /user/member_uk
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
