You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2017/11/02 18:49:01 UTC

[jira] [Commented] (KNOX-1078) Add option to preserve original string when lookup fails in regex based identity assertion provider

    [ https://issues.apache.org/jira/browse/KNOX-1078?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16236379#comment-16236379 ] 

ASF subversion and git services commented on KNOX-1078:
-------------------------------------------------------

Commit 11ec78adc7fced033b84eb7a7f29f816d8472714 in knox's branch refs/heads/KNOX-998-Package_Restructuring from [~moresandeep]
[ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=11ec78a ]

KNOX-1078 - Add option to preserve original string when lookup fails in regex based identity assertion provider (Wei Han via Sandeep More)


> Add option to preserve original string when lookup fails in regex based identity assertion provider
> ---------------------------------------------------------------------------------------------------
>
>                 Key: KNOX-1078
>                 URL: https://issues.apache.org/jira/browse/KNOX-1078
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 0.11.0
>            Reporter: Wei Han
>            Assignee: Wei Han
>            Priority: Minor
>             Fix For: 0.14.0
>
>         Attachments: 0001-RegexIdentityAssertionFilter-add-an-option-to-preser.patch
>
>
> Currently the Regex identify-assertion supports 'lookup' feature. When the output matches any of the strings in the 'lookup' dictionary, it'll replace the string with the new value. If there's no match, it'll replace the original string with empty string.
> {code:java}
>             <provider>
>             <role>identity-assertion</role>
>             <name>Regex</name>
>             <enabled>true</enabled>
>             <param>
>                 <name>input</name>
>                 <value>(.*)@(.*?)\..*</value>
>             </param>
>             <param>
>                 <name>output</name>
>                 <value>{1}_{[2]}</value>
>             </param>
>             <param>
>                 <name>lookup</name>
>                 <value>us=USA;ca=CANADA</value>
>             </param>
>         </provider>
> {code}
> member@us.apache.org will be translated to /user/member_USA
> member@ca.apache.org will be translated to /user/member_CANADA
> member@uk.apache.org will be translated to /user/member_
> This patch adds an optional field use.original.on.lookup.failure. If sets to true(defaults to false), it'll preserve the original string if there's no match. So after this patch, 
> member@uk.apache.org will be translated to /user/member_uk



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)