The EntityMatcher plugin interface is used in various places inside other SP components that have to decide whether operate on an IdP based on its metadata.
For example, the <RelyingParty>
element allows configuration options to be selectively applied to "matching" IdPs. This interface makes the evaluation process extensible instead of limiting it to specific criteria.
Unlike many of the plugin types supported by the SP, there is no specific XML element that is normally used to load an EntityMatcher. Rather, other plugin types rely on this mechanism and include the configuration content identified below based on the type of EntityMatcher plugin used. There is typically, but not always, a matcher
attribute used to specify the type of plugin.
Name EntityMatcher
Matches an IdP based on its entityID or the name of an enclosing <md:EntitiesDescriptor>
element in its metadata, informally referred to as a "group" name.
Be advised that relying on group names is often unreliable when including metadata from multiple, independent sources unless you have confidence that group names won't overlap. They are mostly designed for use with locally-prepared metadata.
<RelyingParty Name="https://idp.example.org/idp/shibboleth">
Attributes
Name
(string)- Specifies the
entityID
or<md:EntitiesDescriptor>/@Name
to match against. Matching is exact and case sensitive.
- Specifies the