Versions Compared

Old Version 7

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version 8

changes.mady.by.user Rod Widdowson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Namespace:urn:mace:shibboleth:2.0:metadata
Schema:http://shibboleth.net/schema/idp/shibboleth-metadata.xsd

Table of Contents

Overview

...

Sequences of string-valued <Format> elements are supplied as filter content. When a child element such as <Entity> or <ConditionRef> or <ConditionScript> evaluates to true, the formats are applied to all the recognized format-supporting roles of the corresponding entities. The filter does not have the capability to limit the roles to which formats will be attached.

Note

Filter order is important!

This filter changes the content of the metadata and so a filter of type NameIDFormat should appear after any SignatureValidationFilter in the overall MetadataProvider.

Tip

Position the NameIDFormat filter for efficiency

...

Deliberately position a NameIDFormat filter in the overall sequence of filters for optimal efficiency. In particular, a filter of type NameIDFormat should appear after the EntityRoleFilter since the latter effectively removes entities from the input.

Reference

Localtabgroup
Localtab live
activetrue
titleXML Attributes

Name

Type

Default

Description

removeExistingFormats

Boolean

false

Whether to remove any existing formats from a role if any are added by the filter (unmodified roles will be untouched regardless of this setting)

Localtab live
titleXML Elements

Name

Description

<Format>

Content is name identifier format which is added to all the applicable roles of the entities which match any of the following <Entity> or <ConditionRef> elements.

<Entity>

The textual content is an EntityID. All preceding formats are added to applicable roles of the matching entity.

<ConditionRef>      

The textual content is the Bean ID of a Predicate<EntityDescriptor>. All preceding formats are added to the roles of the entities for which this returns true.

<ConditionScript>

The content of this element is an inline or local script resource that implements Predicate<EntityDescriptor>. All preceding formats are added to the entities for which this returns true.

Examples

 The example will add the "persistent" format to the first entity, and both the "persistent" and "email" formats to the second.

Add NameIDFormat elements to metadata

...