The Shibboleth IdP V4 software will leave support on September 1, 2024.

PrincipalNameRegexConfiguration

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The PrincipalNameRegex type describes a PolicyRule which returns true if the canonicalized principal used to identify the user matches matches the supplied Pattern. See AuthenticationConfiguration for a discussion of principal name canonicalization during authentication. When filtering data resolved for SAML AttributeQuery requests, the value is produced via NameIDConsumptionConfiguration.

Reference

Name

Type

Default

Description

Name

Type

Default

Description

regex

Pattern

 

Required, the Java regular expression to match against

caseSensitive

boolean

true

Whether the comparison is case sensitive

Example

Apply this rule if the principal starts with "hn":

<PolicyRequirementRule xsi:type="PrincipalNameRegex" regex="^hn.*$" />