The PrincipalNameRegex (basic:PrincipalNameRegex prior to V3.2) type describes a PolicyRule which returns true if the canonicalized principal used to identify the user matches matches the supplied Java regular expression. See AuthenticationConfiguration for a discussion of principal name canonicalization during authentication.
The PrincipalNameRegex type is defined in the urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd
The deprecated basic:PrincipalNameRegex type is defined in the urn:mace:shibboleth:2.0:afp:mf:basic namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd
Only one attributes may be specified
regex : a required attribute which specifies the java regular expression to match againstNone
<PolicyRequirementRule xsi:type="PrincipalNameRegex" regex="^hn.*$" /> |