The mailing list for listmasters using Sympa

[Steve Shipway <address@concealed>]

If your SSO setup uses Shibboleth or similar, it will set some HTTP headers (and possibly environment variables) with the additional metadata associated with the SSO method.  You can then use the http_header_list or http_header_prefix to get these values into the Sympa user table for later use in authentication scenari, allowing you to identify how the user authenticated.

Steve

On 04/08/17 02:51, address@concealed wrote:

Hi

I'm looking to restrict list creation to users authenticated through SSO. My SSO setup works great with Sympa and is configured as follow (auth.conf):

generic_sso
 service_name          SSO
 service_id            sso
 email_http_header     REMOTE_USER

I've written a custom scenari for the "create_list" action but I can't find how to identify SSO users:

match([user_attributes->REMOTE_USER], /.+/)   md5,smtp,smime -> do_it
true()   smtp,md5,smime -> reject(reason='create_list_sso_only')

Any idea how should be defined the condition?

Thanks!

Francis

--

Steve Shipway | Senior Email Systems Administrator
Phone: +64 9 302 0515 Fax: +64 9 302 0518
Freephone: 0800 SMX SMX (769 769)
SMX Limited: Level 15, 19 Victoria Street West, Auckland, New Zealand
Web: http://smxemail.com

This email has been filtered by SMX. For more information visit smxemail.com.