This plugin is deprecated and will be removed in V4.0 due to the inability to accurately represent authentication in the IdP as a single string value. It may be replaced with a differently-named plugin with more advanced capabilities, or one may use scripting to interrogate the full authentication state of the subject.

Overview

The AuthenticationMethodRegex (basic:AuthenticationMethodRegex prior to V3.2) is a PolicyRule which returns true if the authentication method used to authenticate the user matches the supplied Java regular expression.

Schema Name

The deprecated AuthenticationMethodRegex type is defined in the urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd

The deprecated basic:AuthenticationMethodRegex type is defined in the urn:mace:shibboleth:2.0:afp:mf:basic namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd

Attributes

Only one attribute may be specified:

regex : a required attribute which specifies the java regular expression to match against

Child Elements

None

Example

<PolicyRequirementRule xsi:type="AuthenticationMethodRegex" regex="^urn.*$" />

Apply this rule if the user logged in via any mechanism whose name matches the regexp.

Browser not supported