A filter of type EntityAttributes
adds or removes SAML entity attributes to the <mdattr:EntityAttributes>
extension element in metadata in order to drive software behavior based on entity attributes.
...
The <MetadataFilter>
element and the type EntityAttributes
are defined by the urn:mace:shibboleth:2.0:metadata
schema, which can be located at http://shibboleth.net/schema/idp/shibboleth-metadata.xsd.
The <mdattr:EntityAttributes>
extension element is defined by the OASIS SAML V2.0 Metadata Extension for Entity Attributes specification.
The embedded entity attribute is defined by the urn:oasis:names:tc:SAML:2.0:assertion
namespace, the schema for which can be located at http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd. The latter namespace is usually associated with the saml:
prefix.
Attributes
None.
Child Elements
The first two are optional, mutually exclusive, and must appear first:
Name | Description |
---|---|
<AttributeFilterRef> 3.4 | Optional Bean ID of type Predicate |
| The content of this element is an inline or local script resource that implements Predicate< Attribute> , which is applied to all pre-existing extension attributes. Any entity attribute for which it evaluates false are removed prior to subsequent additions. |
Then, any of the following can be supplied in any order:
...
Add entity attributes to metadata
The following example adds the entity attribute "https://sp.example.org/tagname1" to entity "https://sp1.example.org", and both "https://sp.example.org/tagname1" and "https://sp.example.org/tagname2" to entity "https://sp2.example.org"
...