The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.
ValueMatchesShibMDScope
- Rod Widdowson
- Scott Cantor
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The ValueMatchesShibMDScope type is a Matcher which filters results based on <shibmd:Scope> elements contained in the <md:Extensions> element of the issuer's <md:EntityDescriptor> or <md:RoleDescriptor>.
The resulting set of attribute values will only contain:
String Attribute values
Values that match one of the values specified in a
<shibmd:Scope>element within the issuer's<md:EntityDescriptor>or appropriate<md:RoleDescriptor>.
See ShibMetaExt V1.0 or https://wiki.oasis-open.org/security/SAMLSubjectIDAttr for more details on the metadata extension itself.
Example
<PermitValueRule xsi:type="ValueMatchesShibMDScope" />