The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.

PrincipalNameRegexConfiguration

Owned by Scott Cantor
Last updated: Nov 15, 2021
1 min read

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The PrincipalNameRegex type describes a PolicyRule which returns true if the canonicalized principal used to identify the user matches matches the supplied Pattern. See AuthenticationConfiguration for a discussion of principal name canonicalization during authentication. When filtering data resolved for SAML AttributeQuery requests, the value is produced via NameIDConsumptionConfiguration.

Reference

Name

Type

Default

Description

Name

Type

Default

Description

regex

Pattern

 

Required, the Java regular expression to match against

caseSensitive

boolean

true

Whether the comparison is case sensitive

Example

Apply this rule if the principal starts with "hn":

<PolicyRequirementRule xsi:type="PrincipalNameRegex" regex="^hn.*$" />

Â