{"type":"doc","content":[{"type":"paragraph","content":[{"text":"Namespace: ","type":"text","marks":[{"type":"strong"}]},{"text":"urn:mace:shibboleth:2.0:afp","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"},{"text":"Schema:","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"},{"text":"http://shibboleth.net/schema/idp/shibboleth-afp.xsd","type":"text","marks":[{"type":"link","attrs":{"href":"http://shibboleth.net/schema/idp/shibboleth-afp.xsd"}}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Overview","type":"text"}]},{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"AttributeInMetadata","type":"text","marks":[{"type":"code"}]},{"text":" type is a Matcher which filters results based on ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" elements within the request-indicated ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" in the SP's metadata. The parameterization controls:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Whether the ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" naming is applied directly or indirectly via the ","type":"text"},{"text":"AttributeRegistryConfiguration","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/spaces/IDP4/pages/1272054306"}}]},{"text":" (the former is indicated by use of ","type":"text"},{"text":"attributeName","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"attributeNameFormat","type":"text","marks":[{"type":"code"}]},{"text":")","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The behavior when the metadata contains no ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" elements (via ","type":"text"},{"text":"matchIfMetadataSilent","type":"text","marks":[{"type":"code"}]},{"text":")","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The behavior with respect to the ","type":"text"},{"text":"isRequired","type":"text","marks":[{"type":"code"}]},{"text":" XML attribute","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Whether this is a Matcher or a PolicyRule (via ","type":"text"},{"text":"attributeID","type":"text","marks":[{"type":"code"}]},{"text":")","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"paragraph","content":[{"text":"Value matching is supported but is purely string-based. Only string attribute values of the input attribute are inspected and they are compared with a string representation of each of the values in the ","type":"text"},{"text":"RequestedAttribute","type":"text","marks":[{"type":"code"}]},{"text":". Only matching values are added to the Permit or Deny List.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Reference","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"XML Attributes","type":"text"}]},{"type":"table","attrs":{"layout":"full-width","localId":"f002887b-5b98-4a66-ab7c-1b04e47a3c24"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"Name","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[108.0]},"content":[{"type":"paragraph","content":[{"text":"Type","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","content":[{"text":"Default","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[1087.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"attributeName","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[108.0]},"content":[{"type":"paragraph","content":[{"text":"String","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1087.0]},"content":[{"type":"paragraph","content":[{"text":"If this attribute is present, a ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" element with this ","type":"text"},{"text":"Name","type":"text","marks":[{"type":"code"}]},{"text":" is searched for. If this attribute is not present, then the appropriate decoded IdP Attribute(s) indicated by the ","type":"text"},{"text":"AttributeRegistryConfiguration","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/spaces/IDP4/pages/1272054306"}}]},{"text":" are consulted instead.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"attributeNameFormat","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[108.0]},"content":[{"type":"paragraph","content":[{"text":"String","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1087.0]},"content":[{"type":"paragraph","content":[{"text":"If this attribute is present, provides additional filtering of the ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" information, such that it will only be matched if one of the following conditions is true:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The value of ","type":"text"},{"text":"attributeNameFormat","type":"text","marks":[{"type":"code"}]},{"text":" attribute matches the value of the ","type":"text"},{"text":"NameFormat","type":"text","marks":[{"type":"code"}]},{"text":" XML attribute ","type":"text"},{"text":"or","type":"text","marks":[{"type":"em"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"NameFormat","type":"text","marks":[{"type":"code"}]},{"text":" XML attribute is not present ","type":"text"},{"text":"or","type":"text","marks":[{"type":"em"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The value of the ","type":"text"},{"text":"NameFormat","type":"text","marks":[{"type":"code"}]},{"text":" XML attribute is ","type":"text"},{"text":"urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"attributeNameFormat","type":"text","marks":[{"type":"code"}]},{"text":" attribute is ignored if ","type":"text"},{"text":"attributeName","type":"text","marks":[{"type":"code"}]},{"text":" is not present.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"matchIfMetadataSilent","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[108.0]},"content":[{"type":"paragraph","content":[{"text":"Boolean","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","content":[{"text":"false","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1087.0]},"content":[{"type":"paragraph","content":[{"text":"If true then all input values are returned if the metadata contains no ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" or decoded attribute information","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"onlyIfRequired","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[108.0]},"content":[{"type":"paragraph","content":[{"text":"Boolean","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","content":[{"text":"true","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1087.0]},"content":[{"type":"paragraph","content":[{"text":"If this is true and the corresponding ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" element does not specify ","type":"text"},{"text":"isRequired=\"true\"","type":"text","marks":[{"type":"code"}]},{"text":" , then no values are matched","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"attributeID","type":"text"},{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[108.0]},"content":[{"type":"paragraph","content":[{"text":"String","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1087.0]},"content":[{"type":"paragraph","content":[{"text":"If this attribute is present, then this is a PolicyRule returning true if the Matcher, when applied to the attribute with this ID, matches any values. See ","type":"text"},{"text":"AttributeValueString","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/spaces/IDP4/pages/1265631547"}}]},{"text":" for an exmaple of how attributeID changes the meaning of a Matcher in a slightly less daunting scenario.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Examples","type":"text"}]},{"type":"paragraph","content":[{"text":"Suppose an SP has the following requested attributes in metadata:","type":"text","marks":[{"type":"textColor","attrs":{"color":"#222222"}}]}]},{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n\n\n","type":"text"}]},{"type":"paragraph","content":[{"text":"Then an IdP with the following configuration will release the indicated wire attributes to the above SP provided that they are configured with attribute transoding rules that match the SAML naming above.","type":"text","marks":[{"type":"textColor","attrs":{"color":"#222222"}}]}]},{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n \n\n \n \n \n\n \n \n \n\n \n \n \n\n","type":"text"}]},{"type":"paragraph","content":[{"text":"Now suppose an SP has the following requested attributes in metadata:","type":"text","marks":[{"type":"textColor","attrs":{"color":"#222222"}}]}]},{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n\n\n","type":"text"}]},{"type":"paragraph","content":[{"text":"Then two IdPs with the following configurations will release the indicated wire attributes to the above SP:","type":"text","marks":[{"type":"textColor","attrs":{"color":"#222222"}}]}]},{"type":"layoutSection","marks":[{"type":"breakout","attrs":{"mode":"full-width"}}],"content":[{"type":"layoutColumn","attrs":{"width":50.0},"content":[{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n \n\n \n \n \n\n \n \n \n\n \n \n \n\n","type":"text"}]}]},{"type":"layoutColumn","attrs":{"width":50.0},"content":[{"type":"codeBlock","attrs":{"language":"xml"},"content":[{"text":"\n\n \n\n \n \n \n\n \n \n \n\n \n \n \n\n","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Note that both IdPs have an attribute release policy that relies on the same set of requested attributes, but the requested attributes are mapped to different wire attributes in each case.","type":"text"}]}],"version":1}