The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

NOT Attribute Filter Matching Rule

This matching rule evaluates to true to true if its contained rule evaluate to false.

Define the Rule

This rule is defined by the element <PolicyRequirementRule xsi:type="basic:NOT">, for policy requirements rules, and <PermitValueRule xsi:type="basic:NOT">, for permit value rules.

The rule then contains one <Rule xsi:type="MATCHING_RULE_TYPE"> element that is, itself, a filter matching rule.

Example Policy Requirement Rule using the NOT Match Function
<PolicyRequirementRule xsi:type="basic:NOT">
    <basic:Rule xsi:type="basic:PrincipalAuthnticationMethod" value="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"/>
</PolicyRequirementRule>
  • No labels