MetadataFilterConfiguration

Metadata can be filtered, after loading it but before its use. Filters are specified as a series of <MetadataFilter> elements, which are processed in the order in which they occur as children of the containing <MetadataProvider> element.

Like metadata providers, metadata filters are defined by their xsi:type attribute. All other attributes and child elements are specific to each filter. The filter types provided are:

RequiredValidUntil Filter
- Important for secure processing of metadata containing keys, this filter forces the metadata to carry an expiration date and limits the size of the corresponding validity interval
SchemaValidation Filter
- Performs XML schema validation on the metadata
SignatureValidation Filter
- A common filter that checks the signature on signed metadata
EntityRoleWhiteList Filter (DEPRECATED)
- A memory-saving filter that deletes unneeded role information from the metadata
EntityRole Filter ^4.1
- A memory-saving filter that deletes unneeded role information from the metadata (replaces the deprecated name)
EntityAttributes Filter
- A policy aid, this filter adds information, allowing "tags" to be attached to metadata for use in other parts of the system
Algorithm Filter
- Another additive filter, adds extension elements that signal use of alternative cryptographic algorithms
Predicate Metadata Filter
- An extensible allow/deny filter that removes matching (or keeps only matching) entities based on a set of built-in rules, or with an arbitrary condition
NameIDFormat Filter
- A policy aid, this filter adds information, allowing <NameIDFormat> elements to be attached to metadata for use in driving identifier format selection.
ByReference Filter
- A syntax aid, this filter attaches separately defined filters to metadata providers from "outside" the declaration of the providers.