You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, the match engine will allow any value for SOR, assuming the client is authorized for it. So if a client is authorized for '*', it might send 'sis', 'SIS', or 'student' all meaning the same thing. Perhaps require SORs to be defined in the [sors] section of config.in. This could then allow 'sis' while rejecting the other 2 as undefined.
The text was updated successfully, but these errors were encountered:
Currently, the match engine will allow any value for SOR, assuming the client is authorized for it. So if a client is authorized for '*', it might send 'sis', 'SIS', or 'student' all meaning the same thing. Perhaps require SORs to be defined in the [sors] section of config.in. This could then allow 'sis' while rejecting the other 2 as undefined.
The text was updated successfully, but these errors were encountered: