Forcing case-sensitive pattern matching in IDM policy not working as expected

  • 3500656
  • 20-Jul-2007
  • 26-Apr-2012

Environment


Novell Identity Manager 3.0
Novell Identity Manager 3.5
Novell Identity Manager
Novell Identity Manager Designer

Situation

By default regular expression pattern matching in Identity Manager (IDM) policy is case insensitive. To override this it is possible to include a special flag in the pattern itself to force the match to be case-sensitive. That flag should be '(?-i)' (without the single-quotes) and when placed at the beginning of the pattern it makes the rest of the pattern case sensitive. This functionality is mentioned in the Sun Java documentation.

Resolution

Versions of Java < 1.6.0_02 are affected by this bug. A defect was entered against Java to fix this and that fix has been released. Currently (2007-07-20) Identity Manager and its various components ship, by default, with the 1.4.x or 1.5.x Java environments and, as such, will not have this feature working as it should. A work-around is to disable not only the case-insensitive flag but also the unicode-case flag (see the Java Pattern class for details). To do this use the following:

(?-iu)
instead of
(?-i)

With this done the pattern matching will be case insensitive. Novell Identity Manager Designer's simulator is also affected as it uses the same Java environment as the engine and, without the fixed Java version, requires the same work-around.

Additional Information

Sun bugs related to this issue:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6487160
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6486934