Page tree

Previous Stable Release

Please note that the V3 release branch is now the previous stable release, with the current stable releases from the V4 branch.
Support for V3 will end on Dec 31, 2020.

Skip to end of metadata
Go to start of metadata

Metadata can be filtered, after loading it but before its use. Filters are specified as a series of <MetadataFilter> elements, which are processed in the order in which they occur as children of the containing <MetadataProvider> element.

Like metadata providers, metadata filters are defined by their xsi:type attribute.  All other attributes and child elements are specific to each filter. The filter types provided are:

  • Chaining Filter (DEPRECATED)
    • Normally automatically applied whenever multiple filters appear, this wraps multiple filters into a chain, running each one in turn
  • RequiredValidUntil Filter
    • Important for secure processing of metadata containing keys, this filter forces the metadata to carry an expiration date and limits the size of the corresponding validity interval
  • SchemaValidation Filter
    • Performs XML schema validation on the metadata
  • SignatureValidation Filter
    • A common filter that checks the signature on signed metadata
  • EntityRoleWhiteList Filter
    • A memory-saving filter that deletes unneeded role information from the metadata
  • EntityAttributes Filter
    • A policy aid, this filter actually adds information, allowing "tags" to be attached to metadata for use in other parts of the system
  • Predicate Metadata Filter
    • An extensible allow/deny filter that removes matching (or keeps only matching) entities based on a set of built-in rules, or with an arbitrary condition
  • NameIDFormat Filter 3.3
    • A policy aid, this filter adds information, allowing <NameIDFormat> elements to be attached to metadata for use in driving identifier format selection.


  • No labels