The ProxiedRequester type is a PolicyRule which returns true if the current profile request includes a signal that a downstream system is the actual intended recipient of the information and that recipient's name matches a supplied string. In SAML, this corresponds to an <AuthnRequest> carrying a <Scoping> element that includes a matching <RequesterID>.
The ProxiedRequester type is defined in urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd
| Name | Type | Default | Description |
|---|---|---|---|
value | String | Required, the string to match against | |
ignoreCase | Boolean | false | Optional, specifies how to perform the comparison |
None
The example reads "Apply this rule if a proxied system is named 'https://downstream.example.org'".
<PolicyRequirementRule xsi:type="ProxiedRequester" value="https://downstream.example.org" /> |