The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

Version 1 Next »

Overview

The ProxiedRequester type is a PolicyRule which returns true if the current profile request includes a signal that a downstream system is the actual intended recipient of the information and that recipient's name matches a supplied string. In SAML, this corresponds to an <AuthnRequest> carrying a <Scoping> element that includes a matching <RequesterID>.

Schema Type and Location

The ProxiedRequester type is defined in urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Reference

Attributes

NameTypeDefaultDescription
valueString
Required, the string to match against
ignoreCaseBooleanfalseOptional, specifies how to perform the comparison

Child Elements

None

Example

The example reads "Apply this rule if a proxied system is named 'https://downstream.example.org'".

<PolicyRequirementRule xsi:type="ProxiedRequester" value="https://downstream.example.org" />
  • No labels