/
ExampleArps

The Shibboleth V1 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only.

ExampleArps

Feb 04, 2008

The following example is the ARPs used by the OhioLINK staff IdP.  It releases the eduPersonPrincipalName attribute only to the OhioLINK servers and Internet2.

<?xml version="1.0" encoding="UTF-8"?>
<AttributeReleasePolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:mace:shibboleth:arp:1.0" xsi:schemaLocation="urn:mace:shibboleth:arp:1.0 shibboleth-arp-1.0.xsd" >
        <Description>OhioLINK Staff ARP</Description>
        <Rule>
                <Target>
                        <Requester matchFunction="urn:mace:shibboleth:arp:matchFunction:regexMatch">

https://.+\.ohiolink\.edu/shibboleth

</Requester>
                </Target>
                <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName">
                        <AnyValue release="permit"/>
                </Attribute>
        </Rule>
        <Rule>
                <Target>
                        <Requester matchFunction="urn:mace:shibboleth:arp:matchFunction:exactShar">

https://spaces.internet2.edu/shibboleth

</Requester>
                </Target>
                <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName">
                        <AnyValue release="permit"/>
                </Attribute>
        </Rule>
</AttributeReleasePolicy>