The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

The EntityMatcher plugin interface is used in various places inside other SP components that have to decide whether operate on an IdP based on its metadata.

For example, the <RelyingParty> element allows configuration options to be selectively applied to "matching" IdPs. This interface makes the evaluation process extensible instead of limiting it to specific criteria.

Unlike many of the plugin types supported by the SP, there is no specific XML element that is normally used to load an EntityMatcher. Rather, other plugin types rely on this mechanism and include the configuration content identified below based on the type of EntityMatcher plugin used. There is typically, but not always, a matcher attribute used to specify the type of plugin.

Name EntityMatcher

Matches an IdP based on its entityID or the name of an enclosing <md:EntitiesDescriptor> element in its metadata, informally referred to as a "group" name.

Be advised that relying on group names is often unreliable when including metadata from multiple, independent sources unless you have confidence that group names won't overlap. They are mostly designed for use with locally-prepared metadata.

Example use of Name EntityMatcher
<RelyingParty Name="https://idp.example.org/idp/shibboleth">

Attributes

  • Name (string)
    • Specifies the entityID or <md:EntitiesDescriptor>/@Name to match against. Matching is exact and case sensitive.

EntityAttribute EntityMatcher

  • No labels