summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFredrik Domeij <fredrik.domeij@umu.se>2017-07-17 08:58:36 +0200
committerFredrik Domeij <fredrik.domeij@umu.se>2017-07-17 08:58:36 +0200
commit567707b5db5e567c4fd3682b8b20081c65a7e2b6 (patch)
tree1366fccf11314ca43bacc0715370fe102725e1fd
parent69caff1b0354ac816669acc7d5325a5dd4e8e0ad (diff)
IDPSSODescripts removed from SP:s, they should not be there and confuses by showing up in discovery service
Diffstat
-rw-r--r--Makefile6
-rw-r--r--swamid-2.0/id.statenssc.se-adfs-services-trust.xml98
-rw-r--r--swamid-2.0/konto.hig.se-443-idm.xml50
-rw-r--r--swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml95
4 files changed, 5 insertions, 244 deletions
diff --git a/Makefile b/Makefile
index cbe37e44..23ebe5df 100644
--- a/Makefile
+++ b/Makefile
@@ -168,6 +168,10 @@ testMDUI:
@echo "Check for IdP:s with Logos over http"
@for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n '/IDPSSODescriptor/,/\/IDPSSODescriptor/p' | grep -q 'Logo .*http://' ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+testIdPinSP:
+ @echo "Check that SP:s does not define IDPSSODescriptor"
+ @for spfile in `cat swamid-sp-2.0.mxml swamid-externals-sp-2.0.xml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}'` ; do grep -q IDPSSODescriptor $$spfile && echo " $$spfile" | sed 's/.*/&/' ; done | grep . && exit 1 || exit 0
+
testMDUIreach:
@echo "Check that MDUI URLs are reachable"
@cat swamid-idp-2.0.mxml swamid-sp-2.0.mxml swamid-externals-sp-2.0.xml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}' | \
@@ -199,7 +203,7 @@ testBadStrings:
@echo "Check for bad strings in metadata"
@for x in `find $(SRCDIRS) -name \*.xml`; do grep -E 'ServiceName xml:lang="[^"]*"/>' $$x | sed 's/^/ /' ; done | grep . && exit 1 || exit 0
-committest: test testMDUI testOrgData testEntCat testSimpleSign testALlevel testRefedsRnS testGeantCoCo testMetadataUsage testBadStrings
+committest: test testMDUI testOrgData testEntCat testSimpleSign testALlevel testRefedsRnS testGeantCoCo testMetadataUsage testBadStrings testIdPinSP
deeptest: committest testMDUIreach
diff --git a/swamid-2.0/id.statenssc.se-adfs-services-trust.xml b/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
index c372afb5..64bd601e 100644
--- a/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
+++ b/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
@@ -710,104 +710,6 @@
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://id.statenssc.se/adfs/ls/" index="1"/>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://id.statenssc.se/adfs/ls/" index="2"/>
</SPSSODescriptor>
- <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC4DCCAcigAwIBAgIQTJDRE11esadK2AHqvGUBATANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZC5zdGF0ZW5zc2Muc2UwHhcNMTQwOTA3MjEyNzQxWhcNMTkwOTA3MjEyNzQxWjAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI9BftUUS6LbxyhTUbpziaaY+7WyOKUXkHguFyFiL6nSdAn4R14TuJFug8uJCCRY6UEcEAn18QWgW1FvUyf7Zbzpu+U0XGq4QRy+GTbCIWeLmQAc9QFAjbOSqv7TMkgHg2Jo46L8/0ttgr+olPYTO454Ft7XuOm27WasCxrYxOo7tTd3w1YXz9CUtVxdnKPf3stxa+3RqlatrKansieOnI6YbStnhdM42l4S0cSer4Eu5SOakpFQH/BSdNrVV0knQih7seyhv6TmeK0bCYWriPS4lAAPJ8sllzWDQmhX7w8HJB8DFtMdHG4lrmahH3r7uUd/2+uzHjAWBhu2xq80uZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBALFrJzyXfTeY2jyFWVq9jDjxQCm7D6oMipzbn2auPNku5HeUtQaKrnxjp3HFGFkeHMw2WxCo+n2UUsGEnSm4MiszNfHinkVu7KnHxMp3CnkfS6NMWyyGZQ/Sfi71ubMHmEsQrv4GJX4Mcvw4yaI/Ae59IQeUSBLPNzcsvYBtwq3EM/vSwAQpD1PNZEwh8/B/8BsutnvbAEExlUtU9EKxzUX4xl1SNnvDKIMEVue4Qm8DrjhEuLl/8uImfHPCnHcqN4tEe6gJoxBw767istcZmNLTYcJkCEMkL79vetgFad8UZWjJyaUCj16S2bd8w3NlXrb26a1iFj0Fxx9+p7QOSxE=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC2jCCAcKgAwIBAgIQNiJSeyIIjZNIgrCFtM7wjzANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZC5zdGF0ZW5zc2Muc2UwHhcNMTQwOTA3MjEyNzQzWhcNMTkwOTA3MjEyNzQzWjApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvyasbdU+qo4Km/Ci2Y4dQynGCmV4N7mhiGZfZy4NGXJLAxY5a93M7pVHSanprju2M1IiwOu0TM7yR7glBW5kgry8G0/qwIEkcB0NtyDnSfF9qpVcwL7SQUL+pcVSRzOIMYaCHr3uydSkqfenSpCo2pQskT4fI3H6WuIt+ssttqzjh107bjfO7jaywV4VsvT6hx2j1PhW9H3h6c1ax6aMSRhBEcutS/SQ4JvULdcM/yITMs+YfN+5uRDUy2OpwPuXNTeNZ6N5lNH/zUCGdVCiz0GP5t6n6591u6vfo62PaIOLvKjmDpyhZEKBXnei2ccZiv01ErQn1U1EjUj3NG9MFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFZAIg+ngKrFMBkD6dD3THPK8ky0FxH7hCSASthn1PdIRQCorKIemqglV8yc+hadK+jK6//vc0xRk102Ku6t3T1ThWlTZluJt/WcZ1hb1p+hq3ZaxLSZkzEiu5G2xCPsAXg3QBQO1JyW8j+VnT4ls+wm/QQyG96W42O7bws7b6GWKsmfJNQgbrZDAxFuXKcO8jTP6iqXoRUARSHCe1sUBP+vqKZXE1Pgvwdvo69tqmK3uIUPDlj7cPCs1y01xiPw4qhPzLYyW60epOaGvC2yy4ecsGV9F1NAIbNFU+V2Gdu91bKYAqTt+bNUBMc9ikKy0R84W9Gqj8/vlys8IL5IIWU=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://id.statenssc.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://id.statenssc.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://id.statenssc.se/adfs/ls/"/>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://id.statenssc.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/organisationsnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/personnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Efternamn OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Förnamn OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/hermes" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Hermes kod"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-post OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/myndighet" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Myndighet"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/useridnoprefix" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UserId No Prefix"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- </IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Statens Servicecenter</OrganizationName>
<OrganizationDisplayName xml:lang="sv">Ekonomi- och lönetjänster för anställda på svenska myndigheter</OrganizationDisplayName>
diff --git a/swamid-2.0/konto.hig.se-443-idm.xml b/swamid-2.0/konto.hig.se-443-idm.xml
index 6efa2157..55e80928 100644
--- a/swamid-2.0/konto.hig.se-443-idm.xml
+++ b/swamid-2.0/konto.hig.se-443-idm.xml
@@ -70,56 +70,6 @@ toK8L6pqaFCbNOcoCOFIF37SX7skdyefXRiYXwy8Ut7sS211qtLu8w==</ds:X509Certificate>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://konto.hig.se:443/idm/login/saml/SSO" index="0" isDefault="true"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hig.se:443/idm/login/saml/SSO" index="1"/>
</md:SPSSODescriptor>
- <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <md:KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>MIIC0DCCAbigAwIBAgIJAJEQFd5GvH6uMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNVBAMTA2lkbTAe
-Fw0xNzAzMTUwOTU5NTRaFw0yNzAzMTMwOTU5NTRaMA4xDDAKBgNVBAMTA2lkbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKND+/+j5dw8lVvCDVB3kmEpsm7Y3Eg+CXcBowsbrUChssqa
-Knnni77xnpfGV2wruaTIP72wAoMJhM5ZU8rnydQkOs3SagZiajcmZ4WwYpZTfYXQ5Ct7I5bK7NFM
-NhjBc0/Nw0fg+49KhdCN+G3BIRXD9hHF1No0kcqVY4TBj2zDuZc4UJh5xBgaqLwjFdJgq7R+T/by
-55YDpZHFg9qLOPNuxBj45ZFL1IiZdX6MWhrJiFEEHOXu0UX1YTD9qWuN5c5Pu9UzBT5A/2F2Wb0r
-GQOwb8xBg3K6bW7/MK5iSnd9ZHQB4JxUhv6ZNJoTz61QMG74R4HEK/Ec4wxid2OjD8MCAwEAAaMx
-MC8wDgYDVR0RBAcwBYIDaWRtMB0GA1UdDgQWBBSvXwTfFmPlpW3GtcMWCEZHVfNEiDANBgkqhkiG
-9w0BAQUFAAOCAQEAFXWOymh7+gGFJPCB0X/WEZZZsW2a02WpB5b3i8XhrqhuWLZvHtw2wjFeW+6N
-cIVc245Q9XCuHJ8eBqgMFeUbKjJ1W4ErZErhhLzWSkemhx4lnCtk5f7L9ZQQXhCSv+jyzS186N4a
-qm9tCcYZrwmpn+zLlwzgmbe3MQfhCP2r1jDC05ALoExL1hNroBz/VwicR11XOZ17zPK1OYwP4ih8
-TnvGP4OWdlxveTP0xwoTTi3lDHoJpzBUHZtZC80w+OuBosPBaq2e2z2UgLOJ25/od3Pue+gfuNmn
-toK8L6pqaFCbNOcoCOFIF37SX7skdyefXRiYXwy8Ut7sS211qtLu8w==</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>MIIC0DCCAbigAwIBAgIJAJEQFd5GvH6uMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNVBAMTA2lkbTAe
-Fw0xNzAzMTUwOTU5NTRaFw0yNzAzMTMwOTU5NTRaMA4xDDAKBgNVBAMTA2lkbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKND+/+j5dw8lVvCDVB3kmEpsm7Y3Eg+CXcBowsbrUChssqa
-Knnni77xnpfGV2wruaTIP72wAoMJhM5ZU8rnydQkOs3SagZiajcmZ4WwYpZTfYXQ5Ct7I5bK7NFM
-NhjBc0/Nw0fg+49KhdCN+G3BIRXD9hHF1No0kcqVY4TBj2zDuZc4UJh5xBgaqLwjFdJgq7R+T/by
-55YDpZHFg9qLOPNuxBj45ZFL1IiZdX6MWhrJiFEEHOXu0UX1YTD9qWuN5c5Pu9UzBT5A/2F2Wb0r
-GQOwb8xBg3K6bW7/MK5iSnd9ZHQB4JxUhv6ZNJoTz61QMG74R4HEK/Ec4wxid2OjD8MCAwEAAaMx
-MC8wDgYDVR0RBAcwBYIDaWRtMB0GA1UdDgQWBBSvXwTfFmPlpW3GtcMWCEZHVfNEiDANBgkqhkiG
-9w0BAQUFAAOCAQEAFXWOymh7+gGFJPCB0X/WEZZZsW2a02WpB5b3i8XhrqhuWLZvHtw2wjFeW+6N
-cIVc245Q9XCuHJ8eBqgMFeUbKjJ1W4ErZErhhLzWSkemhx4lnCtk5f7L9ZQQXhCSv+jyzS186N4a
-qm9tCcYZrwmpn+zLlwzgmbe3MQfhCP2r1jDC05ALoExL1hNroBz/VwicR11XOZ17zPK1OYwP4ih8
-TnvGP4OWdlxveTP0xwoTTi3lDHoJpzBUHZtZC80w+OuBosPBaq2e2z2UgLOJ25/od3Pue+gfuNmn
-toK8L6pqaFCbNOcoCOFIF37SX7skdyefXRiYXwy8Ut7sS211qtLu8w==</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://konto.hig.se:443/idm/profile/SAML2/SOAP/ArtifactResolution" index="1" isDefault="true"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hig.se:443/idm/profile/SAML2/POST/SLO"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://konto.hig.se:443/idm/profile/SAML2/Redirect/SLO"/>
- <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
- <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
- <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
- <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
- <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>
- <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hig.se:443/idm/profile/SAML2/POST/SSO"/>
- <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://konto.hig.se:443/idm/profile/SAML2/Redirect/SSO"/>
- </md:IDPSSODescriptor>
<md:ContactPerson contactType="administrative">
<md:GivenName>Mona</md:GivenName>
<md:SurName>Åkerman</md:SurName>
diff --git a/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml b/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
index 971465f2..d4b9cb89 100644
--- a/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
+++ b/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
@@ -677,101 +677,6 @@
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://te-id.statenssc.se/adfs/ls/" index="1"/>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://te-id.statenssc.se/adfs/ls/" index="2"/>
</SPSSODescriptor>
- <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC5jCCAc6gAwIBAgIQZmLOGQ7D65NBAKMx53MHTzANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwHhcNMTUwMTEyMTEyOTE0WhcNMjAwMTEyMTEyOTE0WjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/CAXk68VfTOgI12msQPBLuSgUsfMwZYXqBWmBIty2m9HOjbYOMdydFUDihuVEJkNq6OkWrhBs5phBdnEQ2v0aDjXdzp6tVq+h5Kc6508CVUeDDoxE1G4pbylFAZrHMUfVikDKiPlXWkKN2Po7vX6hyKVjUGLLvS42U1DsT98onQNiNsK/XBxddwjFYROCc6dTjx1Y43RTFhR9ycK46Z1PZSHAEIETl4xIqNhLPeGmgdPBtqV4wyk3kidTq2kUbBBjay2i6at/Kq++IM+ZaJpONGGeI02od1BpvNIC8MxnUj7MOWtzucE7R2uWvfjMFbl+NwWly4PaMRpzeCaIbCRfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAG2y79ay8DN3Lt+Yp+gOtV/FunIZP1Rd1dMBooyoe8Zs/kkddGq6ABIQUwHoddu1Zcjnpa65NWMCO148HjQxcsggX6RXTSevWIUlpWcI95uJkGJpwiMQCcvctMuV3sxIZXezIj5SZcaSNJP+lxhrR2kB4FDf2P0i64YLZvBLmyWG+cuIw5qG8vC44VmPJ8W/dKb50SPHRgLEk2r5EAm3uYCcMvyyT0D4T+xPq+m54mII1Q0P+3irhxqXh4E7a9dI7PrYWqDth9KQtsoRiZveTFqlV4N9DCL9yGbJAyTc7jqDrjSIr2/Koek3PQBI5XO27aLOyhMjYoyYtCv/U96Hbe0=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC4DCCAcigAwIBAgIQPI5QFpf7V4VNKPr18lyOpjANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwHhcNMTUwMTEyMTEyOTE5WhcNMjAwMTEyMTEyOTE5WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFcAvIAF5haM4s9A7ovFPZnOK0OOV3z62JUfIh7K3mwlL3ff0+PoTBc2zB62uoEq9vpDtIqa/8tP4f8qD2KlflZB6dTwh/N/aKP+w3B+TdpOklH/+/LKsURnO84wqu6XvpznRpO2ZbSE9G0YKOgcCntmKGGVwfINu5PMMBAKFq2VpuUIkdbyn5S7LVpDjggI/4zNtfF+qDij7mAhE5maexf7rLmQvLj9sDAI+tlTAchoNOMSpsBffhIM7jly/97SQWcGePH2+cg68SjxFixGbDteTHwTtAKJr0Gn0HJdK23gUhua95HgZjVodb+oIfQToUOSnxf6Ft+WjxxI+fjQSRAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKSdqKTbL0DJheNn0dti+oy7z1Y1nPCZx9y3FGTkIesHmh/+cLZmw8rmXdYXi1JsUh3ybwHUSpRY1dYn6Pg34RAPXKzNwOGjFZ6RZ6OTdoloh+hq30efkO0CDYk5xOfBL9Jq686pp+AOGQyYOUZhWz1eocjptzr9Vzspi5BiNNt0y3D42dZz4ebOq89vQRo7+T0Y+t+3Iued8iMolwntCCBuE5TMhYjYjPDGFpF8vQRRJESXa2w5WX/vqq5gZ5G1uHRC5tNngyNtbKzBsu4yq+F7cp+HcxAu9jeYzHHegLn+VO+NRSzc59wZjX3m+g6BeXiv55GXWl31DFf9aEaT6rY=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://te-id.statenssc.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://te-id.statenssc.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://te-id.statenssc.se/adfs/ls/"/>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://te-id.statenssc.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-post OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Förnamn OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Efternamn OID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/personnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/organisationsnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/myndighet" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Myndighet"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/hermes" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Hermes kod"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.5.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="member"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/>
- </IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Statens Servicecenter</OrganizationName>
<OrganizationDisplayName xml:lang="sv">Ekonomi- och lönetjänster för anställda på svenska myndigheter (test)</OrganizationDisplayName>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 12:34:24 +0000