/
ProxiedRequesterRegexConfiguration
ProxiedRequesterRegexConfiguration
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The ProxiedRequesterRegex
is a PolicyRule which returns true if the current profile request includes a signal that a downstream system is the actual intended recipient of the information and that recipient's name matches the supplied Pattern. In SAML, this corresponds to an <AuthnRequest>
carrying a <Scoping>
element that includes a matching <RequesterID>
.
This rule allows trusted proxies to receive attributes if they are expected to deliver them to a matching relying party.
Reference
Example
Apply this rule if a proxied SP's name begins with "https://downstream.example.org/":
<PolicyRequirementRule xsi:type="ProxiedRequesterRegex" regex="^https://downstream\.example\.org/.*$" />
, multiple selections available,
Related content
MetadataProviderDynamicAttributes
MetadataProviderDynamicAttributes
Read with this
ProxiedRequesterRegexConfiguration
ProxiedRequesterRegexConfiguration
More like this
PrincipalNameRegexConfiguration
PrincipalNameRegexConfiguration
Read with this
ProxiedRequesterConfiguration
ProxiedRequesterConfiguration
More like this
DecryptedAttributeDefinition
DecryptedAttributeDefinition
Read with this
ProxiedRequesterConfiguration
ProxiedRequesterConfiguration
More like this