The NameIDFormatExactMatch
type is a PolicyRule which returns true if the SAML metadata for a requester indicates support for the configured <NameID>
format.
The NameIDFormatExactMatch
type is defined in the urn:mace:shibboleth:2.0:afp
namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd
The deprecated basic:AttributeRequesterRegex
type is defined in the urn:mace:shibboleth:2.0:afp:mf:basic
namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd
Name | Type | Required? | Description |
---|---|---|---|
nameIdFormat | URI | Y | The format to check for. Only exact matches against the <md:NameIDFormat> elements are made. |
None
<PolicyRequirementRule xsi:type="NameIDFormatExactMatch" nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" /> |
<SPSSODescriptor protocolSupportEnumeration="..."> [...] <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> [...] <SPSSODescriptor> |