/
PrincipalNameConfiguration
The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.
PrincipalNameConfiguration
- Scott Cantor
- Rod Widdowson
Owned by Scott Cantor
Last updated: Nov 15, 2021
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The PrincipalName type describes a PolicyRule which returns true if the canonicalized principal used to identify the subject matches the supplied string. See AuthenticationConfiguration for a discussion of principal name canonicalization during authentication. When filtering data resolved for SAML AttributeQuery requests, the value is produced via NameIDConsumptionConfiguration.
Reference
Example
Apply this rule if the principal is "hnelson":
<PolicyRequirementRule xsi:type="PrincipalName" value="hnelson" />
, multiple selections available,
Related content
PrincipalNameConfiguration
PrincipalNameConfiguration
More like this
PrincipalNameConfiguration
PrincipalNameConfiguration
More like this
PrincipalNameRegexConfiguration
PrincipalNameRegexConfiguration
More like this
PrincipalNameRegexConfiguration
PrincipalNameRegexConfiguration
More like this
PrincipalNameRegexConfiguration
PrincipalNameRegexConfiguration
More like this
NameIDConsumptionConfiguration
NameIDConsumptionConfiguration
Read with this