Versions Compared

Old Version 7

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version Current

changes.mady.by.user Rod Widdowson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The IssuerNameIDFormatExactMatch type is a PolicyRule which returns true if the SAML metadata for an issuer indicates support for the configuredĀ <NameID> format.

Reference

XML Attributes

Name

Type

Required?

Description

nameIdFormat

URI

Y

The format to check for. Only exact matches against the <md:NameIDFormat> elements are made.

Example

Code Block
languagexml
<PolicyRequirementRule xsi:type="IssuerNameIDFormatExactMatch"
	nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />

This would match the following metadata excerpt:

Code Block
languagexml
<IDPSSODescriptor protocolSupportEnumeration="...">
[...]
    <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
	<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
	<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
[...]
<IDPSSODescriptor>