Claim rule to remove apostrophe from email

  • Question

  • Sorry for the broken links, it wouldn't let me post them until my account is verified.

    I'm not very knowledgeable in custom rules so I'm looking for some help on this one.

    I have a relying party trust set up in ADFS 3.0 that uses email address as the claim. The problem I'm facing is that we have several users with apostrophes in their email address and the relying party doesn't allow apostrophes in usernames. I've been asked to find a way to strip the apostrophe from the claim.

    I found this page, h t t p s://social.technet.microsoft.com/wiki/contents/articles/16161.ad-fs-2-0-using-regex-in-the-claims-rule-language.aspx which seems to point me in the right direction, but when I try to add the rules described in Problem 3, I get a POLICY0029 error for Phase 2.

    Here's what I have:

    Custom Rule 1
    c:[Type == "h t t p://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", Issuer == "AD AUTHORITY"]
     => add(store = "Active Directory", types = ("h t t p://adatum.com/data1holder"), query = ";attribute1;{0}", param = c.Value);

    Custom Rule 2
    c:[Type == "h t t p://adatum.com/data1holder", Issuer == "AD AUTHORITY"]
     => issue(type = "h t t p://adatum.com/data1", Value = RegExReplace(c.Value,”'”,””);

    Custom Rule 2 gives me this error when I try to save it.

    The custom claim rule syntax is not valid.
    POLICY0002: Could not parse policy data.
    Line number: 2, Column number: 73, Error token: ". Line: ' => issue(type = "h t t p://adatum.com/data1", Value = RegExReplace(c.Value,”'”,””);'.
    Parse error: 'POLICY0029: Unexpected input.'

    Any help or suggestions would be greatly appreciated.


    • Edited by LeeMaxwell Tuesday, May 23, 2017 9:17 PM
    Tuesday, May 23, 2017 9:16 PM

Answers

  • You are missing a closing parenthesis at the end before the ;.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    • Marked as answer by LeeMaxwell Wednesday, May 31, 2017 2:59 PM
    Wednesday, May 24, 2017 5:04 PM
  • c:[Type == "http://adatum.com/data1holder"]
     => issue(Type = "http://adatum.com/data1", Value = RegExReplace(c.Value, "'", ""));

    • Marked as answer by LeeMaxwell Wednesday, May 31, 2017 2:59 PM
    Wednesday, May 24, 2017 7:07 PM

All replies

  • Thanks guys, the extra parentheses did the trick.

    I'm still trying to get the final piece, sending data1 as the outgoing claim, but I'll see if I can work it out on my own first.

     
    Wednesday, May 31, 2017 2:59 PM
  • Hi, I am trying to remove the apostrophe character in a custom rule that I have created to add _e at the end of the email and transform the email to nameID.

    Here are the last 2 rules I have created, but the ' is not removed from the name ID. Please help me with this if you can.

    Rule 1

    
    c1:[Type == "http://Domain.com/PPTUsers", Value == "PPT"]
     && c2:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
     => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c2.Issuer, OriginalIssuer = c2.OriginalIssuer, Value = c2.Value, ValueType = c2.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");

    Rule 2

    c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", Issuer == "AD AUTHORITY"]
     => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", Value = RegExReplace(c.Value, "'", ""));

    Rule 2 does not remove the apostrophe from the email address.

    Thanks for your help


    Thursday, April 11, 2019 2:04 PM
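
An added example, not written by any poster in this thread: a claim rule never edits a claim that has already been issued, it only issues a new one, so the `RegExReplace` call has to sit in the rule that issues the outgoing claim. In the last post, Rule 1 issues the Name ID from the unmodified `c2.Value`, while Rule 2 only issues a separate email address claim. The relying party trust name `Example RP` and the holder claim type `http://adatum.com/mailholder` are assumptions made for illustration.

```powershell
# Added example: assumed names are "Example RP" and http://adatum.com/mailholder.
# The single-quoted here-string keeps every quote character exactly as typed.
$rules = @'
@RuleName = "Load mail into a holder claim (add = not sent to the relying party)"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => add(store = "Active Directory", types = ("http://adatum.com/mailholder"), query = ";mail;{0}", param = c.Value);

@RuleName = "Issue Name ID with apostrophes removed"
c:[Type == "http://adatum.com/mailholder"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
          Value = RegExReplace(c.Value, "'", ""),
          Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
'@

# Replace the issuance transform rules on the trust with the two rules above.
Set-AdfsRelyingPartyTrust -TargetName "Example RP" -IssuanceTransformRules $rules

# Read the stored rules back to confirm they were parsed and saved.
(Get-AdfsRelyingPartyTrust -Name "Example RP").IssuanceTransformRules
```

Before deploying, check that no two accounts end up with the same Name ID once apostrophes are removed (for example o'brien@ and obrien@ in the same domain), since the relying party would treat them as one user.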