...
Enforces the content of NameQualifier and SPNameQualifier attributes in decoded <NameID>-valued attributes. It supports the following XML attributes for configuration:
| Name | Type | Default | Description |
|---|---|---|---|
attributeID | String | If set, indirects the function evaluation through another attribute. | |
NameQualifier | String | Attribute issuer | Overrides the qualifier to require/check for |
SPNameQualifier | String | Attribute requester | Overrides the qualifier to require/check for |
Rule Referencing
One feature maintained in the SP that was not supported by the IdP is rule referencing. The <afp:PolicyRequirementRule>, <afp:PermitValueRule>, and <afp:DenyValueRule> elements can appear alone, with an id attribute. In turn, anywhere these elements would be used within an <afp:AttributeFilterPolicy> or <afp:AttributeRule>, the previously defined rules can be referenced via <afp:PolicyRequirementRuleReference>, <afp:PermitValueRuleReference>, <afp:DenyValueRuleReference>, and <afp:RuleReference> elements.
The default policy distributed with the software includes an example of this approach.
Reference
Attributes
Aside from the type="XML" attribute itself, there is no other attribute content specific to this plugin type.
...