Jump to content

regular expression for XML


Recommended Posts

Hi,

 

I'm currently testing a software based AAA(authentication, authorization, accounting) server from http://www.tacacs.net/ and this requires me to use regular expression to authorize specific Cisco commands when users are logged in to our switches.

 

I'm very new to regular expression and I need help to make the "authorization" part of this AAA server works. I've been searching the Internet and trying different syntax of regular expression for XML but I was unsuccessful.

 

What I'm trying do is, match the exact command "show running-config interface fasthethernet 1/0/1".(the "1/0/1" entry is up to "1/0/52"). Also, I would like to match the same command when the user type the shortcut method like "sh run int fa1/0/1". If I could make this work, I could apply the same syntax to other commands that I would like to either permit or deny.

 

If someone could give me an idea how I can make it work, I would appreciate. I attached the authorization.xml file and if you need additional information, just let me know. Based on the attached file, the <Shell> </Shell> section is what I'm working on:

 

<Shell>
<!--note that the login and exit commands are always permitted-->
<Permit>configure terminal</Permit> <Permit/>
</Shell>

 

Thanks!

authorization.xml

Edited by ca_374
Link to post
Share on other sites

Regular expressions are for pattern matching, not really meant for finding specific strings. If you want to find a specific string then your regular expression pattern is the exact string you're looking for. You may need to escape certain characters that have a meaning in regular expressions, like . + * ? etc, but other than that if you're looking for a specific string then your pattern is that string.

 

Matching a range of numbers like 1 through 52 is more complicated, you need to do it in parts. It could be a single-digit number, 1-9, so you would need this:

 

[1-9]

 

or, there could be 2 digits, where the first goes through 1 to 4 and the second goes through 0 to 9, to match 10-49, which is this:

 

[1-4][0-9]

 

then to match 50-52:

 

5[0-2]

 

so you put all of those together to get 1 through 52:

 

([1-9])|([1-4][0-9])|(5[0-2])

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...