Versions Compared

Old Version 13

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 14

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

This feature requires V3.3 or later.

...

The <MetadataFilter> element and the type NameIDFormat are defined by the urn:mace:shibboleth:2.0:metadata schema, which can be located at http://shibboleth.net/schema/idp/shibboleth-metadata.xsd

Attributes

NameTypeDefaultDescription
removeExistingFormats 3.4BooleanfalseWhether to remove any existing formats from a role if any are added by the filter (unmodified roles will be untouched regardless of this setting)

Child Elements

 Any of the following can be supplied in any order.

NameDescription
<Format>Content is name identifier format which is added to all the applicable roles of the entities which match any of the following <Entity> or <ConditionRef> elements.
<Entity>The textual content is an EntityID. All preceding formats are added to applicable roles of the entity with this ID.
<ConditionRef>      

The textual content is the Bean ID of a Predicate<EntityDescriptor>. All preceding formats are added to the roles of the entities for which this returns true.

<ConditionScript> 3.4

The content of this element is an inline or local script resource that implements Predicate<EntityDescriptor>. All preceding formats are added to the entities for which this returns true.

Examples

 The example will add the "persistent" format to the first entity, and both the "persistent" and "email" formats to the second.

Code Block
languagexml
titleAdd NameIDFormat elements to metadata
collapsetrue
<MetadataFilter xsi:type="NameIDFormat">
	<Format>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</Format>
	<Entity>https://sp1.example.org</Entity>
	<Format>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</Format>
	<Entity>https://sp2.example.org</Entity>
</MetadataFilter>

...