I have a Shibboleth implementation where, in my shibboleth2.xml file, my Host section has an AccessControl Rule that requires a isMemberOf for a group and this works great.
If I add another rule for a different group, it seems to require that the user be a member of both groups.
In my use case, I want people from Group A as well as people from Group B to have access but I don't want anyone else to have access. Is there a way that I can configure AccessControl rules so that it doesn't require both groups but requires either Group A or Group B?
It took me forever to find this but it is well-documented in the Shibboleth wiki. The issue I ran into was that I was only looking at the AccessControl documentation but needed to look at the linked XML Access Control documentation which provides more details on usage: https://wiki.shibboleth.net/confluence/display/SP3/XMLAccessControl
There are OR and AND tags that I can utilize to accomplish what I need.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.