ProxiedRequesterConfiguration

Owned by Scott Cantor
May 02, 2023
1 min read

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The ProxiedRequester type is a PolicyRule which returns true if the current profile request includes a signal that a downstream system is the actual intended recipient of the information and that recipient's name matches a supplied string. In SAML, this corresponds to an <AuthnRequest> carrying a <Scoping> element that includes a matching <RequesterID>.

This rule allows trusted proxies to receive attributes if they are expected to deliver them to a specific relying party.

Reference

Name

Type

Default

Description

Name

Type

Default

Description

value

String

 

Required, the string to match against

caseSensitive

Boolean

true

Optional, specifies how to perform the comparison

Example

The example reads "Apply this rule if a proxied system is named 'https://downstream.example.org'".

<PolicyRequirementRule xsi:type="ProxiedRequester" value="https://downstream.example.org" />

Â