diff options
author | Paul Scott <paul.scott@kau.se> | 2019-08-12 08:40:47 +0000 |
---|---|---|
committer | Paul Scott <paul.scott@kau.se> | 2019-08-12 08:40:47 +0000 |
commit | bf527c8c7b3307a05809fd10383800c6790bb992 (patch) | |
tree | 3ad712643a129b53e755005e745b6066204602ce | |
parent | d5061032f04f81cc64479e6f6e8350f5060183ad (diff) |
Partially resolves SWAMID-2330
-rw-r--r-- | swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml | 99 |
1 files changed, 70 insertions, 29 deletions
diff --git a/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml b/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml index 1ff0786a..528ab2dc 100644 --- a/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml +++ b/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> -<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://nyainloggning-test.hv.se/shibboleth"> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://nyainloggning-test.hv.se/Shibboleth"> <md:Extensions> <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> @@ -28,10 +28,11 @@ </samla:Attribute> </mdattr:EntityAttributes> </md:Extensions> - <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol"> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:Extensions> - <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/WAYF/testa.antagning.se"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/Login" index="1"/> <mdui:UIInfo> <mdui:DisplayName xml:lang="en">University West user account activation and password reset</mdui:DisplayName> <mdui:DisplayName xml:lang="sv">Högskolan Väst kontoaktivering och lösenordsåterställning</mdui:DisplayName> @@ -44,32 +45,70 @@ <mdui:InformationURL xml:lang="sv">https://mittkonto.hv.se</mdui:InformationURL> </mdui:UIInfo> </md:Extensions> - <md:KeyDescriptor> + <md:KeyDescriptor use="signing"> <ds:KeyInfo> - <ds:KeyName>lkubik03</ds:KeyName> - <ds:KeyName>lkubik03.server.hv.se</ds:KeyName> + <ds:KeyName>w16token02.wad.hv.se</ds:KeyName> <ds:X509Data> - <ds:X509SubjectName>CN=lkubik03.server.hv.se</ds:X509SubjectName> - <ds:X509Certificate>MIIDEDCCAfigAwIBAgIJAJQu73IMZUmZMA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNV -BAMTFWxrdWJpazAzLnNlcnZlci5odi5zZTAeFw0xMzAzMjYxMDIzNDZaFw0yMzAz -MjQxMDIzNDZaMCAxHjAcBgNVBAMTFWxrdWJpazAzLnNlcnZlci5odi5zZTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPD3jDIDEGCDGN/AtNGIFaMcCo8x -xGdtE/WXJMsFR6h/K+t3LFu+80yl5j9ecWE3Wb2yxb17yhhH/osmf0yVIiopmI3s -yrI/V0k60irTj+Nm//CsSrufXA0OzOAqGWg45Gnd5sYPNxavSxs64yqH4qQa2EZ2 -eAfQGw1Vwd4qEM7rN2FS7HC2UBo7fNnwfBSQOHXF0+IaxCnY8UJmiZbzHH/mAKnd -w8lORZFX71OOtFPaRIu3FCNbRywNSwmZmjInHJ2Qk3sx3fMUvRAxsCcZGyQBYFKJ -7n3GL+C+Oz9kY7R822X4Ju02LjzHEC1Yv8Bbqkg9lw4t3jy9bQ6Kl1hXivkCAwEA -AaNNMEswKgYDVR0RBCMwIYIVbGt1YmlrMDMuc2VydmVyLmh2LnNlhghsa3ViaWsw -MzAdBgNVHQ4EFgQU5evNJSL0xGlOMvuNQe9CYskWLugwDQYJKoZIhvcNAQEFBQAD -ggEBAOQPeDjPGRUuslXKxdxxdS1IUOggl/mdLdZq5rEWfAOl1ZmbByPG3AGVcfqN -CJ9+YY3D2LKa0O3ofB33GMNOM2BHhPBFRNplDscgbXkYqddYUk6QKGVeFKvNaw36 -jtoWM6zfYNp3Ih3RDY9piULYhsCAiiWhLQ1hrnRORtl2//QY0WJdKIZlsUeNKXe9 -LIQW5tVzAQ6Ch8krK8ZflILLEeuRe7YWVcc46GGz7vGeGde5/Ne6dlY1sxXUyZgI -J2hIwcyB1uysRe0st47mthLiPCt13JSKmmL+h4CBJXvCuDXugqlwJfSqZFgFtkSD -5vNZODdjefAAsfNUgVbO0DXQvSI= + <ds:X509SubjectName>CN=w16token02.wad.hv.se</ds:X509SubjectName> + <ds:X509Certificate>MIIEDjCCAnagAwIBAgIUAmeIyTNRvqavMyNVlZbUKrFfB90wDQYJKoZIhvcNAQEL +BQAwHzEdMBsGA1UEAxMUdzE2dG9rZW4wMi53YWQuaHYuc2UwHhcNMTkwMjEzMTQ1 +NjI1WhcNMjkwMjEwMTQ1NjI1WjAfMR0wGwYDVQQDExR3MTZ0b2tlbjAyLndhZC5o +di5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALS/s8u7vAvqTL4g +irOc7Z4iVws/kFAUCL2cdq3VELvZDw86XuWeQlBLSf/ZNb/pZDX/osuzdNnn7NVR +0+srV0Fg3BoD+EiJpATWqEXv5gvwEigpZWFyTxERkpptZVJvjI4ySuC7mtPjcf53 +0tD190G9kS60p+ayw5M/EokxE+d6DcdvA+ETY1Zbpv0YZ6Akn1yFtOhYt+6anfzI +g5TgK6XfyUZpI7gc/jivt2ZLi6KZCMCRFQw/m9ljg2jBVNBNlsT4+4oXA2a2S9l3 +qO53fk0cOyYcU6xFqxcyYxm0VHqKmZTi8GlpN/XHgVQyCY+wApROSlHZpUuPC1FV +7JP1WKKb94UI21I7CRQi7N+Id0Q2GS1pogDjNqTb/s35JOgOjgMnTayPAF1dA9qa +ywM4LlsAi7Ptg0MNYb/78sv7C4YpNs8y5u62bKsW6P9B2maJfi5H/ZSaYmmdijvp +SyGqJ1J35FhHIyB0GjLeI/1XxLMYX32OrGi9gOiSji+S8C1BlQIDAQABo0IwQDAf +BgNVHREEGDAWghR3MTZ0b2tlbjAyLndhZC5odi5zZTAdBgNVHQ4EFgQUT8NZwmbh +rgZxQe44pg7ChKLXSX4wDQYJKoZIhvcNAQELBQADggGBAA3J09Z58KzBxYKmMB7T +abRUfVgsINHO7bYOydBVDUPgXjEAGK+Cu0wuwTnTLWIEKipyYbYPuXrTY4X4Emx/ +3C+dVHKSNSGktH2sgX/tISvmjAwgXc9hqJLYCFgSoWOPB4cPXTAcnRQDK2HoBegY +bi5InMZI3lf6wmsojZPR24acC9zrzDRDH1OsPNzzk+8OcT3Qmksa5jeupwCfuCfL +OMscHRHK72x0ZR2Az22v8/i7JpkNLzy91q74z1oKCjevr0wsWB6pyNT/XQteuTSs +4hduNux0ReRpuJ63Q5CBcKlrqThVwGNhxXPofBQ2dxQyP5wX0Zj7i1XO6WiOFr5o +HpVGbRG7dQZOopj/kV2SoP3fAvAUY5pb0I/0QCbCJiaIvljndQDwRTVkgbF8pQzv +owPw8kGjqmO270eaenW+aaFaoba+daV/dR9BIItpU2P3vxrnRHgBT9Y0t1Lsa7ZM +g5I8h80BOYvVWyllh9NSIkb+NHv3b/lsecOXQq2CbLaBBw== </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:KeyName>w16token02.wad.hv.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=w16token02.wad.hv.se</ds:X509SubjectName> + <ds:X509Certificate>MIIEDjCCAnagAwIBAgIUBCS3GEOGF97bytZorcjltgkB630wDQYJKoZIhvcNAQEL +BQAwHzEdMBsGA1UEAxMUdzE2dG9rZW4wMi53YWQuaHYuc2UwHhcNMTkwMjEzMTQ1 +NjIzWhcNMjkwMjEwMTQ1NjIzWjAfMR0wGwYDVQQDExR3MTZ0b2tlbjAyLndhZC5o +di5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALjpVfhy2ZotGen4 +WtTq+8IPd/+0teGHooZVpXjk4lZp/QsnLtmD4131Fn1OS/okGFqQE8PR05XefBQC +vYAP5DNwhVnyXHdjQtOZbaI2G9yhnFu34360+tmxmHoMOEmGFPbfrvzA737+ZQ8t +u/D3lBdjY0xT+5PNYal4o+k0xFmgq0lFTt/b+rn/bbRcbSheNcLIXtwgLQu06oZ9 +/kClQmTGCjks5R1vayxay5QTw67KArZXk7h44JOdIp/AnvFvzbfsjXHx2LA3cwaF +BxS42SI6ZEPMpLZKCYptQmZnNvj6vxJjYrG8A7m8neqG1c8DxyST2AinMFjEbyH3 +CYS7e/moYrhS7c4gGgaQIIWXe8nmnOdaORmoBWwHLhThH6N+Mv+v6VTtnN41fCGt +3uu3e9CFahAdrIwfkbZXulU4iO3UEcheW6mk6NTrpMiVeXMALlqE7rRGj91pAUie +iT3lRdfOd4AUWDzuGjWAT3sG1aNOgVe3fB8CCQqyMxqeSj4pvQIDAQABo0IwQDAf +BgNVHREEGDAWghR3MTZ0b2tlbjAyLndhZC5odi5zZTAdBgNVHQ4EFgQU6oEGJvHe +56gtvDV7wj6Wal2GEfMwDQYJKoZIhvcNAQELBQADggGBAJYkx7Ur7t42snrSfprX +YaumK4KT8GyXfycREfHmElS9xLThNGkqr2ALTr645/5Fn7tbJNHB7GSdyKBDHEZa +DzNZRWw+ND+uM7MrqN3STOcVY2e0HfSpNMSDeNkyic6kTAKDWBZXib6RMaX3/of3 +7wnHMpE6T+oFOCg94UGNYtctjAJZzZl59o3o75anylR7o+aXwvunfT/vq7sZK2IH +GGhn1nj3i76lRljyMKFVp9As1vzLGUd8MCCnwlimvKUOWVTFVXeyLTJ6fgMi5DTJ +xFs6d/pbv8ZpfBrcVzg8A/TXtznNT2PL7VW8vEPmse8mPQrnsRQDij23mVwkgJXq +2akFd/ElCXI9x0lb7Df0T8N4+NB1i6vCmdhDQSgjV4NSvsW/cJCvvGVl+ff7weT4 +z6+7PZ+5rd/cobHS16LmJC+dsgpuPCY6r8+HuI3nGezZYDAhKjfOR/6Ikno8/eEW +kAVNeiHld7cgAfvBDN59cQlSlpraBCjnkV8WAMXDcFJ/7A== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> @@ -82,10 +121,12 @@ J2hIwcyB1uysRe0st47mthLiPCt13JSKmmL+h4CBJXvCuDXugqlwJfSqZFgFtkSD <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SLO/POST"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SLO/Redirect"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SLO/SOAP"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML/Artifact" index="6"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML/POST" index="7"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/Artifact" index="8"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/ECP" index="9"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/POST" index="10"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/POST" index="5"/> </md:SPSSODescriptor> + <md:ContactPerson contactType="technical"> + <md:SurName>Christian Jiresjö</md:SurName> + <md:EmailAddress>mailto:christian.jiresjo@hv.se</md:EmailAddress> + </md:ContactPerson> </md:EntityDescriptor> |