The Shibboleth IdP V4 software will leave support on September 1, 2024.

ValueMatchesShibMDScope

Owned by Rod Widdowson
Last updated: Jul 28, 2021

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The ValueMatchesShibMDScope type is a Matcher which filters results based on <shibmd:Scope> elements contained in the <md:Extensions> element of the issuer's <md:EntityDescriptor> or <md:RoleDescriptor>.

The resulting set of attribute values will only contain:

  • String Attribute values

  • Values that match one of the values specified in a <shibmd:Scope> element within the issuer's <md:EntityDescriptor> or appropriate <md:RoleDescriptor>.

See ShibMetaExt V1.0 or https://wiki.oasis-open.org/security/SAMLSubjectIDAttr for more details on the metadata extension itself.

Example

<PermitValueRule xsi:type="ValueMatchesShibMDScope" />