AAA, NAC, Guest Access & BYOD

Email validator to allow/disallow certain domains

Aruba Employee

Starting in Amigopod v3.3, the isValidEmail validator allows you to specify a list of valid email addresses and a list of invalid ones, ie whitelist/blacklist. The person registering an account must use a valid email in the list or they will be denied access. To enable this feature, edit the "email" field of a form that creates a user. Most likely the form you will want to edit is the Register page of the self-registration page. Under the validator, choose IsValidEmail. The Validator Argument should pre-populate with the following:

array (
'allow' =>
array (
),
'deny' =>
array (
),
)

If the allow array is empty, then it will accept any email not in the deny array. To only allow certain domains, edit the "allow" array and insert each valid domain.

array (
'allow' =>
array (
'goodemail.com',
'alsovalid.edu',
),
'deny' =>
array (
),
)

Similarly, edit the "deny" array to block only certain domains.

array (
'allow' =>
array (
),
'deny' =>
array (
'invalid.org',
),
)

Save the page and test. It is also suggested to give a better error message to the end user if the email they entered is one of the blacklisted domains. This can be done in the same email field under Validation Error. Edit the error message text.

=== How it works ===

When using the IsValidEmail validator, the validator argument may be specified with a whitelist/blacklist of domain names. Use the syntax:

array(
'allow' => array(),
'deny' => array(
'gmail.com',
'yahoo.com',
)
)

The keys 'whitelist' and 'blacklist' may also be used for 'allow' and 'deny', respectively.

An 'allow' or 'deny' value that is a string is converted to a single element array.

Wildcard matching may be used on domain names: the prefix '*.' means match any domain that ends with the given suffix. A '*' component can also be used inside the hostname, and will match zero or more domain name components.

If the 'allow' list is empty or unset, the default behavior is to accept ALL domains other than those listed in the 'deny' list.

If the 'deny' list is empty or unset, the default behavior is to deny ALL domains other than those listed in the 'allow' list.

If both 'allow' and 'deny' lists are provided, the default behavior is to accept a domain name that does not match any of the patterns provided. The 'allow' list is checked first, followed by 'deny'. To obtain the opposite behavior, specify the wildcard '*' as the last entry in the 'deny' list.

Version history
Revision #:
1 of 1
Last update:
‎06-25-2014 04:18 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.