The Shibboleth IdP V4 software will leave support on September 1, 2024.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Current »

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The PrincipalNameRegex type describes a PolicyRule which returns true if the canonicalized principal used to identify the user matches matches the supplied Pattern. See AuthenticationConfiguration for a discussion of principal name canonicalization during authentication. When filtering data resolved for SAML AttributeQuery requests, the value is produced via NameIDConsumptionConfiguration.

Reference

Example

Apply this rule if the principal starts with "hn":

<PolicyRequirementRule xsi:type="PrincipalNameRegex" regex="^hn.*$" />


  • No labels