AND Attribute Filter Matching Rule

This matching rule evaluates to true to true if all of its contained rules evaluate to true.

Define the Rule

This rule is defined by the element <PolicyRequirementRule xsi:type="basic:AND">, for policy requirements rules, and <PermitValueRule xsi:type="basic:AND">, for permit value rules.

The rule then contains any number of <Rule xsi:type="MATCHING_RULE_TYPE"> elements that are, themselves, filter matching rules.

Example Policy Requirement Rule using the AND Match Function

<PolicyRequirementRule xsi:type="basic:AND">
    <basic:Rule xsi:type="basic:AttributeRequesterInEntityGroup" groupID="urn:example:org" />
    <basic:Rule xsi:type="basic:PrincipalAuthnticationMethod" value="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"/>
</PolicyRequirementRule>

Note that it is nonsensical to supply an empty of contained rules and in this case false is returned.