/
IssuerNameIDFormatExactMatchConfiguration
The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.
IssuerNameIDFormatExactMatchConfiguration
- Scott Cantor
- Rod Widdowson
Owned by Scott Cantor
Last updated: Sept 29, 2021 by Rod Widdowson
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The IssuerNameIDFormatExactMatch type is a PolicyRule which returns true if the SAML metadata for an issuer indicates support for the configured <NameID> format.
Reference
XML Attributes
Name | Type | Required? | Description |
|---|---|---|---|
nameIdFormat | URI | Y | The format to check for. Only exact matches against the |
Example
<PolicyRequirementRule xsi:type="IssuerNameIDFormatExactMatch"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />This would match the following metadata excerpt:
<IDPSSODescriptor protocolSupportEnumeration="...">
[...]
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
[...]
<IDPSSODescriptor>
, multiple selections available,
Related content
AttributeFilterConfiguration
AttributeFilterConfiguration
Read with this
IssuerNameIDFormatExactMatchConfiguration
IssuerNameIDFormatExactMatchConfiguration
More like this
NameIdentifiers
NameIdentifiers
Read with this
NameIDFormatExactMatchConfiguration
NameIDFormatExactMatchConfiguration
More like this
AttributeFilterPolicyConfiguration
AttributeFilterPolicyConfiguration
Read with this
NameIDFormatExactMatchConfiguration
NameIDFormatExactMatchConfiguration
More like this