Overview

The Issuer type (basic:AttributeIssuerString prior to V3.4) is a PolicyRule which returns true if the name (generally the SAML entityID) of the system issuing the attributes (usually the IdP itself) matches a supplied string. It's not commonly needed but is of use in "multi-homing" scenarios in which the IdP may be representing multiple sources of attributes.

Schema Type and Location

The Issuer type is defined in the urn:mace:shibboleth:2.0:afp namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp.xsd

The deprecated basic:AttributeIssuerString type is defined in the urn:mace:shibboleth:2.0:afp:mf:basic namespace, the schema for which can be located at http://shibboleth.net/schema/idp/shibboleth-afp-mf-basic.xsd

Reference

Attributes

Name	Type	Default	Description
`value`	String		Required, the string to match against
`ignoreCase`	Boolean	false	Optional, specifies how to perform the comparison

Child Elements

None

Example

The example reads "Apply this rule if the attribute issuer is named 'https://idp.example.org'".

<PolicyRequirementRule xsi:type="Issuer" value="https://idp.example.org" />

Browser not supported