This matching rule evaluates to true to true if all of its contained rules evaluate to true.
This rule is defined by the element <PolicyRequirementRule xsi:type="basic:AND">
, for policy requirements rules, and <PermitValueRule xsi:type="basic:AND">
, for permit value rules.
The rule then contains any number of <Rule xsi:type="MATCHING_RULE_TYPE">
elements that are, themselves, filter matching rules.
<PolicyRequirementRule xsi:type="basic:AND"> <basic:Rule xsi:type="basic:AttributeRequesterInEntityGroup" groupID="urn:example:org" /> <basic:Rule xsi:type="basic:PrincipalAuthnticationMethod" value="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"/> </PolicyRequirementRule> |
Note that it is nonsensical to supply an empty of contained rules and in this case false is returned.