Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Current »

The <Rule> element defines a specific access control requirement.

Attributes

Names

Type

Value

Description

requirestring


One of a set of predefined "aliases" shown here to the left, or the ID/alias of an attribute to examine.

valid-userA rule that requires an authenticated session, but nothing else.
userA rule based on the REMOTE_USER identity for the request.
authnContextClassRefA rule based on the SAML authentication context class or method asserted by the IdP.
authnContextDeclRefA rule based on the SAML authentication context declaration asserted by the IdP.
list booleandefault true

Enables "list" processing on the element's content. If false, the element content is treated as a single value; otherwise, it's a space-delimited list of values.

Element Content

The element's content consists of the data to use as input to the rule. Multiple values can be supplied in a space-separated list, making the rule an implicit <OR>.

  • No labels