Maybe you could just check the username directly? <Handler Username=/@(netcologne.de|netaachen.de)$/i>
Or maybe you just want to reject any username with 2 @ symbols first, and therefore should result in the realm check working how you want it to? <Handler Username=/@.*@/> <AuthBy INTERNAL> Identifier AuthBy_REJECT DefaultResult REJECT RejectReason pre-defined REJECT. </AuthBy> </Handler> On 16/09/14 07:50 AM, Roland Rosenfeld wrote: > Hi! > > I noticed the following problem: > > I have a > > <Handler Realm=/^net(cologne|aachen)\.de$/i> > ... > </Handler> > > or alternatively > > <Realm /^net(cologne|aachen)\.de$/i> > ... > </Realm> > > defined. I expected those to match on u...@netcologne.de and > u...@netaachen.de, but my logs show, that also u...@netcologne.de@foo > (with two @ signs in the User-Name) gets access here. > > I'd like to keep out users with multiple "@" signs in their > User-Name. Any idea how to enforce this? > > In the manual I found the difference between %R (everything following > the _first_ @ sign in the User-Name) and %K (everything following the > _last_ @ sign in the User-Name), so there seems to be some logic about > multiple @ signs, but how can I use this for my Realm matching? > > Tschoeeee > > Roland > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator > _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator