<afp:AttributeFilterPolicy id="REFEDSResearchAndScholarship">
<afp:PolicyRequirementRule xsi:type="saml:AttributeRequesterEntityAttributeExactMatch"
attributeName="http://macedir.org/entity-category"
attributeValue="http://refeds.org/category/research-and-scholarship"/>
<!-- minimalMinimal subset of the "R& and S" attribute bundle. -->
<!-- assuming non-reassignedIf ePPN values, otherwise could be reassigned you MUST also includerelease persistentId/eduPersonTargetedID here -->
<afp:AttributeRule attributeID="eduPersonPrincipalName">
<afp:PermitValueRule xsi:type="basic:ANY" />
</afp:AttributeRule>
<afp:AttributeRule attributeID="emaileduPersonTargetedID">
<afp:PermitValueRule xsi:type="basicsaml:ANYAttributeInMetadata" onlyIfRequired="false"/>
</afp:AttributeRule>
<afp:AttributeRule attributeID="displayNameemail">
<afp:PermitValueRule xsi:type="basic:ANY" />
</afp:AttributeRule>
<!-- other attributes only if requested -->
<afp:AttributeRule attributeID="givenNamedisplayName">
<afp:PermitValueRule xsi:type="samlbasic:AttributeInMetadataANY" onlyIfRequired="false"/>
</afp:AttributeRule>
<!-- Other attributes only if requested (could also be released unconditionally) -->
<afp:AttributeRule attributeID="surnamegivenName">
<afp:PermitValueRule xsi:type="saml:AttributeInMetadata" onlyIfRequired="false"/>
</afp:AttributeRule>
<afp:AttributeRule attributeID="eduPersonScopedAffiliationsurname">
<afp:PermitValueRule xsi:type="saml:AttributeInMetadata" onlyIfRequired="false"/>
</afp:AttributeRule>
<afp:AttributeRule attributeID="eduPersonTargetedIDeduPersonScopedAffiliation">
<afp:PermitValueRule xsi:type="saml:AttributeInMetadata" onlyIfRequired="false"/>
</afp:AttributeRule>
</afp:AttributeFilterPolicy> | 