The Shibboleth IdP V3 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP4 wiki space for current documentation on the supported version.
NameIDFormatExactMatchConfiguration
Overview
The NameIDFormatExactMatch type is a PolicyRule which returns true if the SAML metadata for a requester indicates support for the configured <NameID> format.
Schema Name
The NameIDFormatExactMatch type is defined in the urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd
The deprecated basic:AttributeRequesterRegex type is defined in the urn:mace:shibboleth:2.0:afp:mf:basic namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd
Attributes
Name | Type | Required? | Description |
|---|---|---|---|
| URI | Y | The format to check for. Only exact matches against the |
Child Elements
None
Example
<PolicyRequirementRule xsi:type="NameIDFormatExactMatch"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />This would match the following metadata extract:
<SPSSODescriptor protocolSupportEnumeration="...">
[...]
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
[...]
<SPSSODescriptor>