Time AccessControl

operator 

"AND", "OR"

"AND"

This controls the evaluation of the child plugins in the expected fashion. If set to "AND", the first plugin to return a non-true result ends the evaluation. If set to "OR", the first plugin to return a true result ends the evaluation.

<TimeSinceAuthn> 

0 or more

An ISO 8601 duration, e.g., "PT1H" = 1 hour
The content of this element is an duration value, and the rule evaluates to "true" iff the time between now and the time of authentication for a session does not exceed the duration.

For the remainder of the rules supported, one of a set of relational operators must be supplied, followed by a value to test, separated by whitespace. The operators supported are LT, LE, EQ, GE, and GT, representing "less than", "less than or equal", etc

<Time> 

0 or more

Operator followed by ISO 8601 duration
Performs an absolute comparison between the present time and the time specified in the rule using the supplied operator. For example, "LE 2012-05-24T10:00:00Z" means "less than or equal to May 24, 2012 at 10:00AM UTC time". Time values can be specified in local or UTC time in standard ISO 8601 fashion.

<Year>, <Month>, <Day> <Hour><Minute>, <Second> <DayOfWeek> 

0 or More

Performs a comparison between a particular portion of the current time and the value specified in the rule using the supplied operator. Months are numbered from 1-12, hours from 0-23, and days of the week from 0-6 (Sunday being 0).