Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Namespace:urn:mace:shibboleth:2.0:metadata
Schema:http://shibboleth.net/schema/idp/shibboleth-metadata.xsd

Table of Contents
minLevel1
maxLevel4
outlinefalse
typelist
printablefalse

...

Expand
titleXML Elements

If the conditionRef attribute is specified, then only it is used and any child elements are ignored. Otherwise the condition is constructed as one that returns true if:

  • The entityID of the candidate matches any of the supplied <Entity> elements OR

  • The Name of any ancestor <md:EntitiesDescriptor> element for the candidate matches any of the supplied <Group> child elements OR

  • Any <mdattr:EntityAttributes> extension elements associated with the candidate match the supplied <Tag> child elements OR

  • Any scripts designated by a <ConditionScript> element return true

Name

Cardinality

Description

<Entity>

0 or more

The content of this element is an entity ID. If the content matches a candidate entity's entityID, then the condition is true.

<EntityRegex> 5.1

0 or more

The textual content is a regular expression to match against the entityID. If the expression matches a candidate entity's entityID, then the condition is true.

<Group>

0 or more

The content of this element is the Name of an <md:EntitiesDescriptor> element. If the content matches a candidate's surrounding group names, then the condition is true.

<Tag>

0 or more

The (required) attribute 'name' provides the <saml:Attribute> Name to match,
The (optional) attribute 'nameFormat' specifies the <saml:Attribute> NameFormat to match. If not specified (or set to urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified), then all formats match.

The content of this element is a series of one or more <Value> elements whose contents specify a specific <saml:AttributeValue> to match (which may be trimmed in accordance with the trim attribute mentioned above).

(See example below.)

<ConditionScript>

0 or more

The content of this element is an inline or local script resource that implements Predicate<EntityDescriptor>

...