IdPv3 attribute filter behaviour

Cantor, Scott cantor.2 at
Mon May 16 14:45:13 EDT 2016

On 5/16/16, 11:55 AM, "users on behalf of Yavor Yanakiev" <users-bounces at on behalf of yavor at> wrote:

>A syntax error, RequesterRegex used with "value=" instead of "regex=",  in the IdPv3 attribute-filter.xml causes the entire filter configuration to collapse and prevents any attribute release. 

If it can't load the filter policy, then it has to do *something* by default. I don't think there's any other reasonable default, is there?

>I can't recall what was exact IdPv2 behavior, but my impression
> is, error like this wasn't affecting the entire filter configuration, just the mistaken filter.

That's not possible to support, if the error involves the file being schema-invalid. It either parses or it doesn't.

I don't think we ever exposed an option to turn off that validation, at least not for the filter or resolver. If we did/do, that would impact what errors were fatal or not.

-- Scott

More information about the users mailing list