The PrincipalName
(basic:PrincipalNameString
prior to V3.2) type describes a PolicyRule which returns true if the canonicalized principal used to identify the user matches the supplied string. See AuthenticationConfiguration for a discussion of principal name canonicalization during authentication.
The PrincipalName
type is defined in the urn:mace:shibboleth:2.0:afp
namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd
The deprecated basic:
type is defined in the PrincipalName
urn:mace:shibboleth:2.0:afp:mf:basic
namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd
Name | Type | Default | Description |
---|---|---|---|
value | String | Required, the string to match against | |
ignoreCase | Boolean | false | Optional, specifies how to perform the comparison |
None
<PolicyRequirementRule xsi:type="PrincipalName" value="hnelson" /> |