The following example shows the ARP (attribute release policy) used by the OhioLINK staff IdP. It releases the eduPersonPrincipalName attribute only to the OhioLINK servers and to Internet2.
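<?xml version="1.0" encoding="UTF-8"?>
<!--
  Attribute release policy (ARP) for the OhioLINK staff IdP.
  Two rules, each releasing eduPersonPrincipalName (any value) to a set of requesters:
    1. requesters whose identifier matches the OhioLINK pattern (regexMatch);
    2. the single Internet2 requester named below (exactShar).
  No other attribute or requester is named in this file.
-->
<AttributeReleasePolicy xmlns="urn:mace:shibboleth:arp:1.0"
                        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                        xsi:schemaLocation="urn:mace:shibboleth:arp:1.0 shibboleth-arp-1.0.xsd">
  <Description>OhioLINK Staff ARP</Description>

  <!--
    Rule 1: OhioLINK service providers.
    The host part is limited to hostname characters and the pattern is anchored.
    The earlier form, https://.+\.ohiolink\.edu/shibboleth, let ".+" span "/", "?" or "#",
    so an identifier on another host that merely ends in ".ohiolink.edu/shibboleth"
    would also have been permitted.
    NOTE(review): confirm every registered OhioLINK requester still matches, and whether
    regexMatch performs a full or a partial match; the anchors are harmless either way.
    The value is kept on one line so that no surrounding whitespace becomes part of it,
    in case the consumer does not trim element text.
  -->
  <Rule>
    <Target>
      <Requester
          matchFunction="urn:mace:shibboleth:arp:matchFunction:regexMatch">^https://[A-Za-z0-9.-]+\.ohiolink\.edu/shibboleth$</Requester>
    </Target>
    <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName">
      <AnyValue release="permit"/>
    </Attribute>
  </Rule>

  <!--
    Rule 2: Internet2 wiki (spaces.internet2.edu), matched as an exact identifier.
    Prefer exact matches like this one wherever the set of requesters is known in advance;
    they cannot widen when new identifiers are registered.
  -->
  <Rule>
    <Target>
      <Requester
          matchFunction="urn:mace:shibboleth:arp:matchFunction:exactShar">https://spaces.internet2.edu/shibboleth</Requester>
    </Target>
    <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName">
      <AnyValue release="permit"/>
    </Attribute>
  </Rule>
</AttributeReleasePolicy>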