The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Overview

The IssuerRegex is a PolicyRule which returns true if the entityID of the party issuing the attributes (usually, but not always, the IdP itself) matches the supplied Java regular expression.

The primary use case for this is proxying when filtering inbound attributes, or in "multi-homing" scenarios in which the IdP may be representing multiple sources of attributes itself under different names.

Schema Name

The IssuerRegex type is defined in the urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Attributes

NameTypeRequired?Description
regex 
PatternYSpecifies the java regular expression to match against.

Child Elements

None

Example

<PolicyRequirementRule xsi:type="IssuerRegex" regex="^https://idp\.example\.org/.*$" />
Apply this rule if the IdP entityID starts with "https://idp.example.org/".


  • No labels