Roles at user store level and roles which we display in in role claim seems bit different from the way we interpret them. The content we display in role claim are processed. ex - we can have "/" character. So there seems to be a difference in the content of two cases. Also the regex which we use in claim should be a more generic one which will match all regexes in all user stores configs. ie different user stores can have different regex values.
On Tue, Jan 23, 2018 at 10:47 AM, Johann Nallathamby <[email protected]> wrote: > > > On Tue, Jan 23, 2018 at 10:16 AM, Isura Karunaratne <[email protected]> > wrote: > >> Hi Johann, >> >> >> >> On Tue, Jan 23, 2018 at 8:07 AM, Johann Nallathamby <[email protected]> >> wrote: >> >>> Hi IAM Team, >>> >>> We have two regex patterns for user names and role names. >>> >>> 1. In the userstore configuration as "UsernameJavaRegex" and >>> "RolenameJavaRegex". >>> >>> 2. Similarly we have Regex property defined for claims and username - >>> http://wso2.org/claim/username and role name - >>> http://wso2.org/claims/role are claims as well. >>> >> >>> Can we not have two places to define regex for these two claims? How >>> come we don't need to define regex for other user attributes in the user >>> store configuration? Why is username (and role name) special? >>> >>> >> Also we have separate Javascript Regex properties for username and role >>> name. Why don't we have the same for other attributes? If so can't we >>> introduce that as another claim property to be consistent and easy to >>> understand for users? >>> >> >> RolenameJavaRegex is different from the regrex defined in >> http://wso2.org/claims/role claim, bacause that claim is used to store >> all the roles the perticular user is assigned. RolenameJavaRegex will be >> applied to a single role. >> >> Ex. role calim value. --> Internal/everyone,admin,Application/ >> travelocity.com >> > > Hmm.. I don't think that could be a reason. Regex is defined for a single > value of a singular or multi-valued attribute. I don't think there is a > purpose to define a regex for the multi-valued string irrespective of how > you store it. > > >> >> Thanks >> Isura. >> >> >>> >>> Regards, >>> Johann. >>> >>> -- >>> >>> *Johann Dilantha Nallathamby* >>> Senior Lead Solutions Engineer >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile: *+94 77 7776950* >>> LinkedIn: *http://www.linkedin.com/in/johann-nallathamby >>> <http://www.linkedin.com/in/johann-nallathamby>* >>> Medium: *https://medium.com/@johann_nallathamby >>> <https://medium.com/@johann_nallathamby>* >>> Twitter: *@dj_nallaa* >>> >> >> >> >> -- >> >> *Isura Dilhara Karunaratne* >> Associate Technical Lead | WSO2 >> Email: [email protected] >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > > > -- > > *Johann Dilantha Nallathamby* > Senior Lead Solutions Engineer > WSO2, Inc. > lean.enterprise.middleware > > Mobile: *+94 77 7776950* > LinkedIn: *http://www.linkedin.com/in/johann-nallathamby > <http://www.linkedin.com/in/johann-nallathamby>* > Medium: *https://medium.com/@johann_nallathamby > <https://medium.com/@johann_nallathamby>* > Twitter: *@dj_nallaa* > -- Hasintha Indrajee WSO2, Inc. Mobile:+94 771892453
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
