/
ProxiedRequesterRegexConfiguration
ProxiedRequesterRegexConfiguration
- Scott Cantor
Owned by Scott Cantor
May 02, 2023
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The ProxiedRequesterRegex is a PolicyRule which returns true if the current profile request includes a signal that a downstream system is the actual intended recipient of the information and that recipient's name matches the supplied Pattern. In SAML, this corresponds to an <AuthnRequest> carrying a <Scoping> element that includes a matching <RequesterID>.
This rule allows trusted proxies to receive attributes if they are expected to deliver them to a matching relying party.
Reference
Example
Apply this rule if a proxied SP's name begins with "https://downstream.example.org/":
<PolicyRequirementRule xsi:type="ProxiedRequesterRegex" regex="^https://downstream\.example\.org/.*$" />
, multiple selections available,
Related content
PrincipalNameRegexConfiguration
PrincipalNameRegexConfiguration
Read with this
ValueRegexConfiguration
ValueRegexConfiguration
Read with this
SAML2ProxyTransformPostLoginC14NConfiguration
SAML2ProxyTransformPostLoginC14NConfiguration
More like this
ProfileConfiguration-Common
ProfileConfiguration-Common
Read with this
ShibbolethSSOConfiguration
ShibbolethSSOConfiguration
More like this
ProfileConfiguration-ShibbolethSSO
ProfileConfiguration-ShibbolethSSO
More like this