Attribute with Array

  • dave
    Participant
    # 3 weeks, 4 days ago

    I’m using the WP SAML SSO Plugin. I’ve not used it before. Hoping someone can help me solve this:

    I have an array of memberships passed in one of the SSO SAML attributes. Here are a few examples of what that can look like:

    memberships = ['TR','PA']
    or
    memberships = ['PHYS']
    or
    memberships = ['CORP']

    They are passed to wordpress with brackets with the array of values. Mostly going to be single values but there are occasions where it may be multiple like the first example above.

    I have various membership types that can gain access to parts of my site:
    'INTL','NMI','NRS','OTHCP','PHA','PSR','PHYS','PA','RET','RNNRS','TR'

    I also have membership types that are denied access to parts of my site:
    'CORP','INTLHFSA','PTCG'

    I’m trying to figure out how to map allowed access to user role: Subscriber
    and map anyone not allowed to a user role of “Not Subscriber” (custom role I created).

    Would I enable regex on the role mapping fields? What would that look like? I can’t find any examples.

    Or if that is not possible, would I need the enterprise version of the plugin to be able to run a hook to manually determine the user role and set it?

    Thank you!

    • This topic was modified 3 weeks, 4 days ago by  dave.
    dave
    Participant
    # 3 weeks, 4 days ago

    I tried to drop in this regex into the role mapping for “subscriber” but it did not work. How should regex be added to those fields? Any one know?

    ^\[(?:'(INTL|NMI|NRS|OTHCP|PHA|PSR|PHYS|PA|RET|RNNRS|TR)',?\s?)*\]$

    Nutan Lagad
    Participant
    # 3 weeks, 2 days ago

    Hi there,

    I hope you are doing well.

    As I understand it, you have an array of memberships that you pass in one of the SAML attributes, and you have a few memberships to which you want to assign subscriber roles, while some memberships you want to deny access to your site and assign a Non-Subscriber role. Please correct me if I am wrong.

    Would I enable regex on the role mapping fields? What would that look like?
    >> Yes, you can enable regex for role mapping in the premium version of our plugin. Please follow the steps below to enable regex for role mapping-
    – Navigate to the Advanced Settings section of the Attribute/Role Mapping tab within the plugin and enable the “Enable Regex for Role Mapping” toggle.
    – Now, navigate to the Role mapping section of the Attribute/Role Mapping tab and here you can use the following pattern to assign the role from the SAML attribute (INTL|NMI|NRS|OTHCP|PHA|PSR|PHYS|PA|RET|RNNRS|TR).

    Further, I would like to inform you that for users whom you want to deny access to your WP site and assign the Non-Subscriber role, you need to define capabilities for the Non-Subscriber role in WordPress such that users with the Non-Subscriber role are not able to access your site. Then, map semicolon-separated memberships in front of your Non-Subscriber custom role. Moreover, if you don’t have capabilities defined for your custom role, you can use the ‘Create/Update the user but assign a ‘None’ role’ option in our plugin. This way, users whose memberships are not mapped with the subscriber role get the none role and cannot access your site.

    Drop us an email at samlsupport@xecurify.com if you would like to see a demo.

    I hope this helps.

    Thanks,
    Nutan

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.