Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Table of Contents |
---|
Overview
The OR
type is one of a very few filter plugin types which can function as a PolicyRule or a Matcher. It takes its behavior from its location. If it is defined within a <
PolicyRequirementRule
>
(either directly or as a child of other logical operations), then it acts as a PolicyRule, otherwise it acts as a Matcher.
Reference
Localtabgroup | ||||||
---|---|---|---|---|---|---|
At least one |
PolicyRule Semantics
When used as a PolicyRule, the result is the logical OR of the evaluation of the child rules.
...
The example means that the rule is applied if:
The principal is jsmith or
The SP is named https://sp.example.org or
The SP is named https://sp2.example.org
Code Block | ||
---|---|---|
| ||
<PolicyRequirementRule xsi:type="OR"> <Rule xsi:type="Requester" value="https://sp.example.org" /> <Rule xsi:type="Requester" value="https://sp2.example.org" /> <Rule xsi:type="PrincipalName" value="jsmith" /> </PolicyRequirementRule> |
...