<?xml version="1.0" encoding="UTF-8"?>
<AttributeFilterPolicyGroup id="ShibbolethFilterPolicy"
xmlns="urn:mace:shibboleth:2.0:afp"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:mace:shibboleth:2.0:afp http://shibboleth.net/schema/idp/shibboleth-afp.xsd">
<!-- REFEDS ReleaseAnonymous theAuthorization transient ID to anyoneEntity Category -->
<AttributeFilterPolicy id="releaseTransientIdToAnyonereleaseToRefedsAnonymous">
<PolicyRequirementRule xsi:type="ANYEntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="https://refeds.org/category/anonymous" />
<AttributeRule attributeID="transientIdeduPersonScopedAffiliation">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
</AttributeFilterPolicy>
<!-- GEANT Data protection Code of Conduct <AttributeRule attributeID="schacHomeOrganization">
<PermitValueRule xsi:type="ANY"/>
</AttributeRule>
</AttributeFilterPolicy>
<!-- REFEDS Pseudonymous Authorization Entity Category -->
<!-- Supports data minimalisation to prevent use together with anonymous -->
<AttributeFilterPolicy id="releaseToCoCoreleaseToRefedsPseudonymous">
<PolicyRequirementRule xsi:type="EntityAttributeExactMatchAND">
<Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category"
attributeValue="httphttps://wwwrefeds.geant.netorg/uri/dataprotection-code-of-conduct/v1category/pseudonymous" />
<AttributeRule attributeID="eduPersonTargetedID <Rule xsi:type="NOT">
<PermitValueRule<Rule xsi:type="AttributeInMetadataEntityAttributeExactMatch" onlyIfRequired="trueattributeName="http://macedir.org/entity-category" attributeValue="https://refeds.org/category/anonymous" />
</AttributeRule>
</Rule>
</PolicyRequirementRule>
<AttributeRule attributeID="eduPersonPrincipalNamesamlPairwiseID">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" ANY"/>
</AttributeRule>
<AttributeRule attributeID="eduPersonUniqueIdeduPersonScopedAffiliation">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" ANY"/>
</AttributeRule>
<AttributeRule attributeID="eduPersonOrcidschacHomeOrganization">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" ANY"/>
</AttributeRule>
<AttributeRule attributeID="norEduPersonNINeduPersonAssurance">
<PermitValueRule xsi:type="ANDANY" />
<Rule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
<Rule xsi:type="RegistrationAuthority" registrars="http://www.swamid.se/" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="personalIdentityNumber">
<PermitValueRule xsi:type="AND">
</AttributeRule>
</AttributeFilterPolicy>
<!-- REFEDS Personalized Access Entity Category -->
<!-- Supports data minimalisation to prevent use together with anonymous and pseudonymous-->
<AttributeFilterPolicy id="releaseToRefedsPersonalized">
<PolicyRequirementRule xsi:type="AND">
<Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="https://refeds.org/category/personalized" />
<Rule xsi:type="NOT">
<Rule xsi:type="OR">
<Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="https://refeds.org/category/anonymous" />
<Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="https://refeds.org/category/pseudonymous" />
</Rule>
</Rule>
</PolicyRequirementRule>
<AttributeRule attributeID="samlSubjectID">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="displayName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="givenName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="sn">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="mail">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssurance">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="schacHomeOrganization">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="eduPersonScopedAffiliation">
<PermitValueRule xsi:type="OR">
<Rule xsi:type="Value" value="faculty" caseSensitive="false" />
<Rule xsi:type="Value" value="student" caseSensitive="false"/>
<Rule xsi:type="Value" value="staff" caseSensitive="false"/>
<Rule xsi:type="Value" value="alum" caseSensitive="false"/>
<Rule xsi:type="Value" value="member" caseSensitive="false"/>
<Rule xsi:type="AttributeInMetadataValue" onlyIfRequiredvalue="trueaffiliate" caseSensitive="false"/>
<Rule xsi:type="RegistrationAuthorityValue" registrarsvalue="http://www.swamid.se/employee" caseSensitive="false"/>
</PermitValueRule>
</AttributeRule>
<AttributeRule<Rule attributeIDxsi:type="schacDateOfBirthValue">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="mail">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="cn">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="displayName">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="givenName">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="sn">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssurance">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="eduPersonScopedAffiliation">
<PermitValueRule xsi:type="AND">
<Rule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
<Rule xsi:type="OR">
<Rule xsi:type="Value" value="faculty" ignoreCase="true" / value="library-walk-in" caseSensitive="false"/>
</PermitValueRule>
</AttributeRule>
</AttributeFilterPolicy>
<!-- Rule to honour Subject ID requirement tag in metadata. Used in combination with Geant/Refeds Code of Conduct v* -->
<!-- Code of Conduct can be combined with other entity categories -->
<!-- Supports data minimalisation to prevent subject-id and pairwise-id being released together -->
<AttributeFilterPolicy id="subject-identifiers">
<PolicyRequirementRule xsi:type="OR">
<Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="http://www.geant.net/uri/dataprotection-code-of-conduct/v1" />
<Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="https://refeds.org/category/code-of-conduct/v2" />
</PolicyRequirementRule>
<AttributeRule attributeID="samlPairwiseID">
<PermitValueRule xsi:type="AND">
<Rule xsi:type="Value" value="student" ignoreCase="true" /NOT">
<Rule xsi:type="ValueEntityAttributeExactMatch" valueattributeName="staffhttp://macedir.org/entity-category" ignoreCaseattributeValue="truehttps://refeds.org/category/personalized" />
<Rule xsi:type="Value" value="alum" ignoreCase="true" />
</Rule>
<Rule xsi:type="OR">
<Rule xsi:type="ValueEntityAttributeExactMatch" valueattributeName="memberurn:oasis:names:tc:SAML:profiles:subject-id:req" ignoreCase="true" />
<Rule xsi:type="Value" value="affiliate" ignoreCase="true" />
attributeNameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" attributeValue="pairwise-id" />
<Rule xsi:type="ValueEntityAttributeExactMatch" value="employee" ignoreCase="true" />
<Rule xsi:type="Value" value="library-walk-in" ignoreCase="trueattributeName="urn:oasis:names:tc:SAML:profiles:subject-id:req" attributeNameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" attributeValue="any" />
</Rule>
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="eduPersonAffiliation">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="organizationNamesamlSubjectID">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" /AND">
</AttributeRule>
<AttributeRule<Rule attributeIDxsi:type="norEduOrgAcronymNOT">
<PermitValueRule<Rule xsi:type="AttributeInMetadataEntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" onlyIfRequired="trueattributeValue="https://refeds.org/category/pseudonymous" />
</AttributeRule>Rule>
<AttributeRule attributeID <Rule xsi:type="countryNameEntityAttributeExactMatch">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true attributeName="urn:oasis:names:tc:SAML:profiles:subject-id:req" attributeNameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" attributeValue="subject-id" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="friendlyCountryName
</AttributeFilterPolicy>
<!-- GEANT Data protection Code of Conduct or REFEDS Data Protection Code of Conduct Entity Category -->
<AttributeFilterPolicy id="releaseToCodeOfConduct">
<PermitValueRule<PolicyRequirementRule xsi:type="AttributeInMetadata" onlyIfRequired="true" /OR">
</AttributeRule>
<AttributeRule attributeID="schacHomeOrganization">
<PermitValueRule<Rule xsi:type="AttributeInMetadataEntityAttributeExactMatch" onlyIfRequiredattributeName="true" />
</AttributeRule>
<AttributeRule attributeID="schacHomeOrganizationType">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
</AttributeFilterPolicy>
<!-- REFEDS Research and Schoolarship -->
<AttributeFilterPolicy id="releaseToRandS">
<PolicyRequirementRulehttp://macedir.org/entity-category" attributeValue="http://www.geant.net/uri/dataprotection-code-of-conduct/v1" />
<Rule xsi:type="EntityAttributeExactMatch"
attributeName="http://macedir.org/entity-category"
attributeValue="httphttps://refeds.org/category/research-and-scholarship" />
<!-- eduPersonTargetedID should only be released in with the entity category REFEDS Research & Scholarship if eduPersonPrincipalName is reassignable -->
/category/code-of-conduct/v2" />
</PolicyRequirementRule>
<AttributeRule attributeID="eduPersonTargetedID">
<PermitValueRule xsi:type="NOT">
<Rule xsi:type="Value" value="https://refeds.org/assurance/ID/eppn-unique-no-reassign"AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssuranceeduPersonPrincipalName" />
</PermitValueRule>
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="displayNameeduPersonOrcid">
<PermitValueRule xsi:type="ANYAttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="givenNamenorEduPersonNIN">
<PermitValueRule xsi:type="ANYAND" />
</AttributeRule>
<AttributeRule attributeID="surname">
<PermitValueRule <Rule xsi:type="AttributeInMetadata" onlyIfRequired="true" />
<Rule xsi:type="RegistrationAuthority" registrars="ANYhttp://www.swamid.se/" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="mailpersonalIdentityNumber">
<PermitValueRule xsi:type="ANYAND" />
</AttributeRule>
<AttributeRule attributeID="eduPersonUniqueId">
<PermitValueRule<Rule xsi:type="AttributeInMetadata" onlyIfRequired="ANYtrue" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssurance">
<PermitValueRule<Rule xsi:type="ANYRegistrationAuthority" registrars="http://www.swamid.se/" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="eduPersonPrincipalNameschacDateOfBirth">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="ANYtrue" />
</AttributeRule>
<AttributeRule attributeID="eduPersonScopedAffiliation">
<PermitValueRule<AttributeRule xsi:typeattributeID="ORmail">
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" valueonlyIfRequired="facultytrue" ignoreCase/>
</AttributeRule>
<AttributeRule attributeID="truemailLocalAddress" />
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" valueonlyIfRequired="student" ignoreCase="true" /true" />
</AttributeRule>
<AttributeRule attributeID="cn">
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" valueonlyIfRequired="stafftrue" ignoreCase/>
</AttributeRule>
<AttributeRule attributeID="truedisplayName" />
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" value="alum" ignoreCaseonlyIfRequired="true" />
</AttributeRule>
<Rule xsi:type="Value" value="member" ignoreCase="true" /<AttributeRule attributeID="givenName">
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" valueonlyIfRequired="affiliatetrue" ignoreCase/>
</AttributeRule>
<AttributeRule attributeID="truesn" />
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" valueonlyIfRequired="employee" ignoreCase="true" /true" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssurance">
<Rule<PermitValueRule xsi:type="Value" value="library-walk-inAttributeInMetadata" ignoreCaseonlyIfRequired="true" />
</PermitValueRule>AttributeRule>
</AttributeRule>
</AttributeFilterPolicy>
<!-- DEPRECATED entity-category-swamid-research-and-education WILL BE REMOVED 2020-10-31 -->
<AttributeFilterPolicy id="entity-category-research-and-education <AttributeRule attributeID="eduPersonScopedAffiliation">
<PolicyRequirementRule <PermitValueRule xsi:type="AND">
<Rule xsi:type="OR""AttributeInMetadata" onlyIfRequired="true" />
<Rule xsi:type="EntityAttributeExactMatchOR">
attributeName="http://macedir.org/entity-category"
attributeValue="http://www.swamid.se/category/eu-adequate-protection<Rule xsi:type="Value" value="faculty" caseSensitive="false" />
<Rule xsi:type="EntityAttributeExactMatch"
Value" value="student" caseSensitive="false" />
attributeName="http://macedir.org/entity-category"
attributeValue="http://www.swamid.se/category/nren-service<Rule xsi:type="Value" value="staff" caseSensitive="false" />
<Rule xsi:type="EntityAttributeExactMatch"
attributeName="http://macedir.org/entity-category"
attributeValue="http://www.swamid.se/category/hei-serviceValue" value="alum" caseSensitive="false" />
</Rule>
<Rule xsi:type="EntityAttributeExactMatch"
"Value" value="member" caseSensitive="false" />
attributeName="http://macedir.org/entity-category"
attributeValue="http://www.swamid.se/category/research-and-education<Rule xsi:type="Value" value="affiliate" caseSensitive="false" />
</PolicyRequirementRule>
<AttributeRule attributeID="givenName">
<PermitValueRule<Rule xsi:type="Value" value="ANY"employee" caseSensitive="false" />
</AttributeRule>
<AttributeRule attributeID="surname">
<PermitValueRule xsi:type="ANY <Rule xsi:type="Value" value="library-walk-in" caseSensitive="false" />
</AttributeRule>Rule>
<AttributeRule attributeID="displayName">
<PermitValueRule xsi:type="ANY" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="commonNameeduPersonAffiliation">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="eduPersonPrincipalName">
<PermitValueRule xsi:type="ANYAttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssuranceo">
<PermitValueRule xsi:type="ANY"AttributeInMetadata" onlyIfRequired="true" />
</AttributeRule>
<AttributeRule attributeID="mailnorEduOrgAcronym">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="ANYtrue" />
</AttributeRule>
<AttributeRule attributeID="eduPersonScopedAffiliationc">
<PermitValueRule xsi:type="AttributeInMetadata" onlyIfRequired="ORtrue" />
<Rule xsi:type="Value" value="faculty" ignoreCase="true" /</AttributeRule>
<AttributeRule attributeID="co">
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" valueonlyIfRequired="student" ignoreCase="true" /true" />
</AttributeRule>
<AttributeRule attributeID="schacHomeOrganization">
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" value="staff" ignoreCaseonlyIfRequired="true" />
<Rule xsi:type="Value" value="alum" ignoreCase="true" /</AttributeRule>
<AttributeRule attributeID="schacHomeOrganizationType">
<Rule<PermitValueRule xsi:type="ValueAttributeInMetadata" value="member" ignoreCaseonlyIfRequired="true" />
<Rule xsi:type="Value" value="affiliate" ignoreCase="true" />
<Rule xsi:type="Value" value="employee" ignoreCase="true" />
<Rule</AttributeRule>
</AttributeFilterPolicy>
<!-- REFEDS Research and Scholarship Entity Category -->
<AttributeFilterPolicy id="releaseToRefedsResearchAndScholarship">
<PolicyRequirementRule xsi:type="ValueEntityAttributeExactMatch" valueattributeName="library-walk-in" ignoreCase="true"http://macedir.org/entity-category" attributeValue="http://refeds.org/category/research-and-scholarship" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="organizationNameeduPersonTargetedID">
<PermitValueRule xsi:type="ANYNOT" />
</AttributeRule>
<AttributeRule attributeID="norEduOrgAcronym">
<PermitValueRule xsi:type="ANY <Rule xsi:type="Value" value="https://refeds.org/assurance/ID/eppn-unique-no-reassign" attributeID="eduPersonAssurance" />
</PermitValueRule>
</AttributeRule>
<AttributeRule attributeID="countryNamedisplayName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="friendlyCountryNamegivenName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="schacHomeOrganizationsn">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
</AttributeFilterPolicy>
<!-- DEPRECATED entity-category-sfs-1993-1153 WILL BE REMOVED 2020-10-31-->
<AttributeFilterPolicy id="entity-category-sfs-1993-1153">
<PolicyRequirementRule</AttributeRule>
<AttributeRule attributeID="mail">
<PermitValueRule xsi:type="EntityAttributeExactMatchANY" />
attributeName="http://macedir.org/entity-category"</AttributeRule>
<AttributeRule attributeID="eduPersonAssurance">
attributeValue="http://www.swamid.se/category/sfs-1993-1153<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="norEduPersonNINeduPersonPrincipalName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="eduPersonAssurance">
<PermitValueRule
<AttributeRule attributeID="eduPersonScopedAffiliation">
<PermitValueRule xsi:type="OR">
<Rule xsi:type="Value" value="faculty" caseSensitive="false" />
<Rule xsi:type="ANY" />
</AttributeRule>
</AttributeFilterPolicy>
<!-- Examples of entityId based release to Service Providers -->
<!-- Release to testshib.org -->
<!--
<AttributeFilterPolicy id="testShib">
<PolicyRequirementRuleValue" value="student" caseSensitive="false" />
<Rule xsi:type="RequesterValue" value="https://sp.testshib.org/shibboleth-sp" />
<AttributeRule attributeID="givenName">
<PermitValueRule"staff" caseSensitive="false" />
<Rule xsi:type="Value" value="alum" caseSensitive="false" />
<Rule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="commonName">
<PermitValueRuleValue" value="member" caseSensitive="false" />
<Rule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="surname"Value" value="affiliate" caseSensitive="false" />
<PermitValueRule <Rule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="principal">
<PermitValueRule xsi:type="ANY" />
Value" value="employee" caseSensitive="false" />
<Rule xsi:type="Value" value="library-walk-in" caseSensitive="false" />
</PermitValueRule>
</AttributeRule>
</AttributeFilterPolicy>
-->
<!-- NyA-webben UHRESI European Student Identifier -->
<!--
<AttributeFilterPolicy id="releaseNyAwebbenEntitlement">
<PolicyRequirementRule xsi:type="OR">
<Rule <AttributeFilterPolicy id="entity-category-european-student-identifier">
<PolicyRequirementRule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="https://myacademicid.org/entity-categories/esi" />
<AttributeRule attributeID="schacPersonalUniqueCode">
<PermitValueRule xsi:type="RequesterValueRegex" valueregex="https://expert.antagning.se/ecs-sp" />
<Rule xsi:type="Requester" value="https://expert.testa.antagning.se/ecs-sp" />
<Rule^urn:schac:personalUniqueCode:int:esi:.*" />
</AttributeRule>
</AttributeFilterPolicy>
<!-- Sectigo -->
<AttributeFilterPolicy id="releaseSectigoAttributeBundle">
<PolicyRequirementRule xsi:type="Requester" value="https://expert.testb.antagning.se/ecs-sp" />
</PolicyRequirementRule>
cert-manager.com/shibboleth" />
<AttributeRule attributeID="NyAwebbenEntitlementeduPersonPrincipalName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
</AttributeFilterPolicy>
-->
<!-- New TCS Personal -->
<!--
<AttributeFilterPolicy id="releaseTcsPersonalEntitlement">
<PolicyRequirementRule xsi:type="Requester" value="https://www.digicert.com/sso <AttributeRule attributeID="displayName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="displayNamegivenName">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="eduPersonPrincipalNamemail">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="tcsPersonalEntitlementsn">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="mailschacHomeOrganization">
<PermitValueRule xsi:type="ANY" />
</AttributeRule>
<AttributeRule attributeID="schacHomeOrganizationtcsPersonalEntitlement">
<PermitValueRule xsi:type="ANY"/>
</AttributeRule>
< </AttributeFilterPolicy>
-->
<!-- PLACEHOLDER DO NOT REMOVE -->
</AttributeFilterPolicyGroup> |