ProxiedRequesterRegexConfiguration
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The ProxiedRequesterRegex is a PolicyRule which returns true if the current profile request includes a signal that a downstream system is the actual intended recipient of the information and that recipient's name matches the supplied Pattern. In SAML, this corresponds to an <AuthnRequest> carrying a <Scoping> element that includes a matching <RequesterID>.
This rule allows trusted proxies to receive attributes if they are expected to deliver them to a matching relying party.
Reference
Example
Apply this rule if a proxied SP's name begins with "https://downstream.example.org/":
<PolicyRequirementRule xsi:type="ProxiedRequesterRegex" regex="^https://downstream\.example\.org/.*$" />
, multiple selections available,