The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.

AuthenticationMethodRegexConfiguration

Owned by Rod Widdowson
Last updated: Nov 03, 2017 by Scott Cantor

This plugin is deprecated and will be removed in V4.0 due to the inability to accurately represent authentication in the IdP as a single string value. It may be replaced with a differently-named plugin with more advanced capabilities, or one may use scripting to interrogate the full authentication state of the subject.

Overview

The AuthenticationMethodRegex (basic:AuthenticationMethodRegex prior to V3.2) is a PolicyRule which returns true if the authentication method used to authenticate the user matches the supplied Java regular expression.

Schema Name

The deprecated AuthenticationMethodRegex type is defined in the urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd

The deprecated basic:AuthenticationMethodRegex type is defined in the urn:mace:shibboleth:2.0:afp:mf:basic namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd

Attributes

Only one attribute may be specified:

  • regex : a required attribute which specifies the java regular expression to match against

Child Elements

None

Example

<PolicyRequirementRule xsi:type="AuthenticationMethodRegex" regex="^urn.*$" />
Apply this rule if the user logged in via any mechanism whose name matches the regexp.