summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Scott <paul.scott@kau.se>2019-08-12 08:40:47 +0000
committerPaul Scott <paul.scott@kau.se>2019-08-12 08:40:47 +0000
commitbf527c8c7b3307a05809fd10383800c6790bb992 (patch)
tree3ad712643a129b53e755005e745b6066204602ce
parentd5061032f04f81cc64479e6f6e8350f5060183ad (diff)
Partially resolves SWAMID-2330
-rw-r--r--swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml99
1 files changed, 70 insertions, 29 deletions
diff --git a/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml b/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml
index 1ff0786a..528ab2dc 100644
--- a/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml
+++ b/swamid-2.0/nyainloggning-test.hv.se-shibboleth.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://nyainloggning-test.hv.se/shibboleth">
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://nyainloggning-test.hv.se/Shibboleth">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
<mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy>
@@ -28,10 +28,11 @@
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/WAYF/testa.antagning.se"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/Login" index="1"/>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">University West user account activation and password reset</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">Högskolan Väst kontoaktivering och lösenordsåterställning</mdui:DisplayName>
@@ -44,32 +45,70 @@
<mdui:InformationURL xml:lang="sv">https://mittkonto.hv.se</mdui:InformationURL>
</mdui:UIInfo>
</md:Extensions>
- <md:KeyDescriptor>
+ <md:KeyDescriptor use="signing">
<ds:KeyInfo>
- <ds:KeyName>lkubik03</ds:KeyName>
- <ds:KeyName>lkubik03.server.hv.se</ds:KeyName>
+ <ds:KeyName>w16token02.wad.hv.se</ds:KeyName>
<ds:X509Data>
- <ds:X509SubjectName>CN=lkubik03.server.hv.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIDEDCCAfigAwIBAgIJAJQu73IMZUmZMA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNV
-BAMTFWxrdWJpazAzLnNlcnZlci5odi5zZTAeFw0xMzAzMjYxMDIzNDZaFw0yMzAz
-MjQxMDIzNDZaMCAxHjAcBgNVBAMTFWxrdWJpazAzLnNlcnZlci5odi5zZTCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPD3jDIDEGCDGN/AtNGIFaMcCo8x
-xGdtE/WXJMsFR6h/K+t3LFu+80yl5j9ecWE3Wb2yxb17yhhH/osmf0yVIiopmI3s
-yrI/V0k60irTj+Nm//CsSrufXA0OzOAqGWg45Gnd5sYPNxavSxs64yqH4qQa2EZ2
-eAfQGw1Vwd4qEM7rN2FS7HC2UBo7fNnwfBSQOHXF0+IaxCnY8UJmiZbzHH/mAKnd
-w8lORZFX71OOtFPaRIu3FCNbRywNSwmZmjInHJ2Qk3sx3fMUvRAxsCcZGyQBYFKJ
-7n3GL+C+Oz9kY7R822X4Ju02LjzHEC1Yv8Bbqkg9lw4t3jy9bQ6Kl1hXivkCAwEA
-AaNNMEswKgYDVR0RBCMwIYIVbGt1YmlrMDMuc2VydmVyLmh2LnNlhghsa3ViaWsw
-MzAdBgNVHQ4EFgQU5evNJSL0xGlOMvuNQe9CYskWLugwDQYJKoZIhvcNAQEFBQAD
-ggEBAOQPeDjPGRUuslXKxdxxdS1IUOggl/mdLdZq5rEWfAOl1ZmbByPG3AGVcfqN
-CJ9+YY3D2LKa0O3ofB33GMNOM2BHhPBFRNplDscgbXkYqddYUk6QKGVeFKvNaw36
-jtoWM6zfYNp3Ih3RDY9piULYhsCAiiWhLQ1hrnRORtl2//QY0WJdKIZlsUeNKXe9
-LIQW5tVzAQ6Ch8krK8ZflILLEeuRe7YWVcc46GGz7vGeGde5/Ne6dlY1sxXUyZgI
-J2hIwcyB1uysRe0st47mthLiPCt13JSKmmL+h4CBJXvCuDXugqlwJfSqZFgFtkSD
-5vNZODdjefAAsfNUgVbO0DXQvSI=
+ <ds:X509SubjectName>CN=w16token02.wad.hv.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEDjCCAnagAwIBAgIUAmeIyTNRvqavMyNVlZbUKrFfB90wDQYJKoZIhvcNAQEL
+BQAwHzEdMBsGA1UEAxMUdzE2dG9rZW4wMi53YWQuaHYuc2UwHhcNMTkwMjEzMTQ1
+NjI1WhcNMjkwMjEwMTQ1NjI1WjAfMR0wGwYDVQQDExR3MTZ0b2tlbjAyLndhZC5o
+di5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALS/s8u7vAvqTL4g
+irOc7Z4iVws/kFAUCL2cdq3VELvZDw86XuWeQlBLSf/ZNb/pZDX/osuzdNnn7NVR
+0+srV0Fg3BoD+EiJpATWqEXv5gvwEigpZWFyTxERkpptZVJvjI4ySuC7mtPjcf53
+0tD190G9kS60p+ayw5M/EokxE+d6DcdvA+ETY1Zbpv0YZ6Akn1yFtOhYt+6anfzI
+g5TgK6XfyUZpI7gc/jivt2ZLi6KZCMCRFQw/m9ljg2jBVNBNlsT4+4oXA2a2S9l3
+qO53fk0cOyYcU6xFqxcyYxm0VHqKmZTi8GlpN/XHgVQyCY+wApROSlHZpUuPC1FV
+7JP1WKKb94UI21I7CRQi7N+Id0Q2GS1pogDjNqTb/s35JOgOjgMnTayPAF1dA9qa
+ywM4LlsAi7Ptg0MNYb/78sv7C4YpNs8y5u62bKsW6P9B2maJfi5H/ZSaYmmdijvp
+SyGqJ1J35FhHIyB0GjLeI/1XxLMYX32OrGi9gOiSji+S8C1BlQIDAQABo0IwQDAf
+BgNVHREEGDAWghR3MTZ0b2tlbjAyLndhZC5odi5zZTAdBgNVHQ4EFgQUT8NZwmbh
+rgZxQe44pg7ChKLXSX4wDQYJKoZIhvcNAQELBQADggGBAA3J09Z58KzBxYKmMB7T
+abRUfVgsINHO7bYOydBVDUPgXjEAGK+Cu0wuwTnTLWIEKipyYbYPuXrTY4X4Emx/
+3C+dVHKSNSGktH2sgX/tISvmjAwgXc9hqJLYCFgSoWOPB4cPXTAcnRQDK2HoBegY
+bi5InMZI3lf6wmsojZPR24acC9zrzDRDH1OsPNzzk+8OcT3Qmksa5jeupwCfuCfL
+OMscHRHK72x0ZR2Az22v8/i7JpkNLzy91q74z1oKCjevr0wsWB6pyNT/XQteuTSs
+4hduNux0ReRpuJ63Q5CBcKlrqThVwGNhxXPofBQ2dxQyP5wX0Zj7i1XO6WiOFr5o
+HpVGbRG7dQZOopj/kV2SoP3fAvAUY5pb0I/0QCbCJiaIvljndQDwRTVkgbF8pQzv
+owPw8kGjqmO270eaenW+aaFaoba+daV/dR9BIItpU2P3vxrnRHgBT9Y0t1Lsa7ZM
+g5I8h80BOYvVWyllh9NSIkb+NHv3b/lsecOXQq2CbLaBBw==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>w16token02.wad.hv.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=w16token02.wad.hv.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEDjCCAnagAwIBAgIUBCS3GEOGF97bytZorcjltgkB630wDQYJKoZIhvcNAQEL
+BQAwHzEdMBsGA1UEAxMUdzE2dG9rZW4wMi53YWQuaHYuc2UwHhcNMTkwMjEzMTQ1
+NjIzWhcNMjkwMjEwMTQ1NjIzWjAfMR0wGwYDVQQDExR3MTZ0b2tlbjAyLndhZC5o
+di5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALjpVfhy2ZotGen4
+WtTq+8IPd/+0teGHooZVpXjk4lZp/QsnLtmD4131Fn1OS/okGFqQE8PR05XefBQC
+vYAP5DNwhVnyXHdjQtOZbaI2G9yhnFu34360+tmxmHoMOEmGFPbfrvzA737+ZQ8t
+u/D3lBdjY0xT+5PNYal4o+k0xFmgq0lFTt/b+rn/bbRcbSheNcLIXtwgLQu06oZ9
+/kClQmTGCjks5R1vayxay5QTw67KArZXk7h44JOdIp/AnvFvzbfsjXHx2LA3cwaF
+BxS42SI6ZEPMpLZKCYptQmZnNvj6vxJjYrG8A7m8neqG1c8DxyST2AinMFjEbyH3
+CYS7e/moYrhS7c4gGgaQIIWXe8nmnOdaORmoBWwHLhThH6N+Mv+v6VTtnN41fCGt
+3uu3e9CFahAdrIwfkbZXulU4iO3UEcheW6mk6NTrpMiVeXMALlqE7rRGj91pAUie
+iT3lRdfOd4AUWDzuGjWAT3sG1aNOgVe3fB8CCQqyMxqeSj4pvQIDAQABo0IwQDAf
+BgNVHREEGDAWghR3MTZ0b2tlbjAyLndhZC5odi5zZTAdBgNVHQ4EFgQU6oEGJvHe
+56gtvDV7wj6Wal2GEfMwDQYJKoZIhvcNAQELBQADggGBAJYkx7Ur7t42snrSfprX
+YaumK4KT8GyXfycREfHmElS9xLThNGkqr2ALTr645/5Fn7tbJNHB7GSdyKBDHEZa
+DzNZRWw+ND+uM7MrqN3STOcVY2e0HfSpNMSDeNkyic6kTAKDWBZXib6RMaX3/of3
+7wnHMpE6T+oFOCg94UGNYtctjAJZzZl59o3o75anylR7o+aXwvunfT/vq7sZK2IH
+GGhn1nj3i76lRljyMKFVp9As1vzLGUd8MCCnwlimvKUOWVTFVXeyLTJ6fgMi5DTJ
+xFs6d/pbv8ZpfBrcVzg8A/TXtznNT2PL7VW8vEPmse8mPQrnsRQDij23mVwkgJXq
+2akFd/ElCXI9x0lb7Df0T8N4+NB1i6vCmdhDQSgjV4NSvsW/cJCvvGVl+ff7weT4
+z6+7PZ+5rd/cobHS16LmJC+dsgpuPCY6r8+HuI3nGezZYDAhKjfOR/6Ikno8/eEW
+kAVNeiHld7cgAfvBDN59cQlSlpraBCjnkV8WAMXDcFJ/7A==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
@@ -82,10 +121,12 @@ J2hIwcyB1uysRe0st47mthLiPCt13JSKmmL+h4CBJXvCuDXugqlwJfSqZFgFtkSD
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SLO/SOAP"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML/POST" index="7"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/Artifact" index="8"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/ECP" index="9"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/POST" index="10"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyainloggning-test.hv.se/Shibboleth.sso/SAML2/POST" index="5"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:SurName>Christian Jiresjö</md:SurName>
+ <md:EmailAddress>mailto:christian.jiresjo@hv.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>