The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.
ConditionScript
Namespace: urn:mace:shibboleth:2.0:metadata
Schema: http://shibboleth.net/schema/idp/shibboleth-metadata.xsd
Overview
The <ConditionScript>
 element contains a script (or a reference to a script) that ultimately applies an implementation of Predicate<EntityDescriptor> to a given entity descriptor.
The <ConditionScript>
 element implicitly iterates over all entity descriptors in the filtering pipeline. For each entity descriptor, the parent <MetadataFilter>
 element acts on the input entity descriptor if (and only if) the predicate evaluates to true. The action taken depends on the type of metadata filter.
The <ConditionScript>
 may be a child element within the following metadata filter types:
Reference
The <ConditionScript>
 element is a configuration element of type ScriptType
.
Script Context
Name | Type | Description |
---|---|---|
input | The EntityDescriptor to evaluate for exclusion | |
customObjectRef | any | A custom object to inject into the script |
Examples
The following trivial implementation of Predicate<EntityDescriptor> always returns false regardless of the input
argument:
A trivial implementation of Predicate<EntityDescriptor>
<ConditionScript>
<Script>
<![CDATA[
"use strict";
false;
]]>
</Script>
</ConditionScript>
A more complex example might use the custom
object to help the operation.
Use of custom object
<ConditionScript customObjectRef="BeanID">
<Script>
<![CDATA[
"use strict";
var someCondition = function(entityID) {
// Good stuff
}
var result;
// CustomObjectRef points to a <util:map> where the key is a string and the value is an 'interesting bean'
if (someCondition(input.getEntityID())) {
result = custom["myFirstBean"].someFunction(input);
} else {
result = custom["mySecondBean"].someOtherFunction(input);
}
result;
]]>
</Script>
</ConditionScript>