ScopeRegexConfiguration
Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd
Overview
The ScopeRegex type matches attributes values against the supplied Pattern.
The ScopeRegex type can be a Matcher or a PolicyRequirement.
If no
attributeIDattribute is specified then it is a Matcher (returning the matching values present amongst the filtered attribute's values, and the empty set otherwise)If an
attributeIDattribute is specified then it is a PolicyRule (returning true if a matching value is present amongst the values of the specified attribute).
Reference
Examples
Apply this rule if the attribute "EPSA" contains at least one scope value whose scope ends .edu:
Simple Profile Policy
<afp:PolicyRequirementRule xsi:type="AttributeScopeRegex" regex="^.*\.edu$" attributeID="EPSA"/>Add any scoped values of the attribute "uid" with scope ending ".edu" to its permitted values list:
Simple Matcher
<AttributeRule attributeID="uid">
<PermitValueRule xsi:type="ScopeRegex" regex="^.*\.edu$" />
</AttributeRule>Apply this rule if any attribute contains a scope value whose scope ends .edu:
Compound PolicyRule (deprecated)
<afp:PolicyRequirementRule xsi:type="AttributeScopeRegex" regex="^.*\.edu$"/>If the attribute "epsa" contains any scoped which starts ends .edu then release all values of "email":
Compound Matcher (deprecated)
<AttributeRule attributeID="email">
<PermitValueRule xsi:type="ScopeRegex" regex="^.*\.edu$" attributeID="EPSA"/>
</AttributeRule>