SWAMID-437, New SP metadata.lab.swamid.se

author: Björn Mattsson <bjorn@sunet.se> 2021-10-26 09:37:37 +0200
committer: Björn Mattsson <bjorn@sunet.se> 2021-10-26 09:37:37 +0200
commit: a9d19c972c68d33a09a796c85d62245eaf59eb94 (patch)
tree: 3d56159f0abd881bc7585611d4f3bf13bb76b9af
parent: a5d5781175bf0f662983aea2ea6c224875bd5073 (diff)
2 files changed, 155 insertions, 0 deletions
diff --git a/swamid-2.0/metadata.lab.swamid.se-shibboleth.xml b/swamid-2.0/metadata.lab.swamid.se-shibboleth.xml
new file mode 100644
index 00000000..9340bf0d
--- /dev/null
+++ b/swamid-2.0/metadata.lab.swamid.se-shibboleth.xml
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://metadata.lab.swamid.se/shibboleth">
+  <md:Extensions>
+    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2021-10-26T09:33:57Z">
+      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
+    </mdrpi:RegistrationInfo>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <mdui:UIInfo>
+        <mdui:DisplayName xml:lang="sv">SWAMID Metadatahanterare - lab</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">SWAMID Metdata admin tool - lab</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Detta är en tjänst för att hantera metadata för entiteter i SWAMID.</mdui:Description>
+        <mdui:Description xml:lang="en">This is a service for handling Metdadata for entities in SWAMID.</mdui:Description>
+        <mdui:InformationURL xml:lang="sv">https://metadata.swamid.se/</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="en">https://metadata.swamid.se/</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/SWAMID/SWAMID+Entity+Category+Release+Check+-+Privacy+Policy?showLanguage=sv_SE</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/SWAMID/SWAMID+Entity+Category+Release+Check+-+Privacy+Policy?showLanguage=en_GB</mdui:PrivacyStatementURL>
+        <mdui:Logo height="100" width="115" xml:lang="en">https://metadata.swamid.se/swamid-logo-2-100x115.png</mdui:Logo>
+        <mdui:Logo height="100" width="115" xml:lang="sv">https://metadata.swamid.se/swamid-logo-2-100x115.png</mdui:Logo>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor use="signing">
+      <ds:KeyInfo>
+        <ds:KeyName>07bfaeb0ea87</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=07bfaeb0ea87</ds:X509SubjectName>
+          <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUVwgtc8SFBRVTlZJGIgx76mbQm4owDQYJKoZIhvcNAQEL
+BQAwFzEVMBMGA1UEAxMMMDdiZmFlYjBlYTg3MB4XDTIxMTAyMTA5MzUwM1oXDTMx
+MTAxOTA5MzUwM1owFzEVMBMGA1UEAxMMMDdiZmFlYjBlYTg3MIIBojANBgkqhkiG
+9w0BAQEFAAOCAY8AMIIBigKCAYEAqP+avViGPhj2thVZUaISQbCE6T2rZTunDGUr
+59QtrIOkoyKYN+yIpv27x/xGdM3neDmIM+MwCkuR+bYcl2OgO9CU31Zt2iBTNEL0
+xJXyHGs1j3QJNZkv064uZu/6DhnbUarSGBOcYsyId3BA9jTD6gEaJew5iqwop1Xj
+dUNK5NuoO+vbRQ9eEGToTtnmUTiIkSymdjNgwRsbyfNIMa1it5spV2/CO4kDZy1N
+fqXyABDHLJIir0CzekRCGBDYRfeYLvsHBZ9KC6BuvHdpS/j+r23y03o+2wyIHHcp
+NgXiKb8vwfN3/Tx61zrGAmu1TIXRFBArmjhsPFZBSVxoGpDk1ep00XMhnfBBW5I6
+hJsNgsQBJZWwh0LNzgkoIXNPNmrRAYnXS2q7VZOBAuvbetfBUvnG0Bsw3qC0LJ5y
+WBNQ+Ro1aaghV6BuTWPKflUo/j5gGlnjTDV6VRAG61MjBg2d6v7Kmg2SongBD78H
+CZSZgntY5a6go1MLkrJkTn5jriDRAgMBAAGjOjA4MBcGA1UdEQQQMA6CDDA3YmZh
+ZWIwZWE4NzAdBgNVHQ4EFgQUQX8k62exP59aVyNv91xkmn805vowDQYJKoZIhvcN
+AQELBQADggGBACefiHQ9ljvXSHkPgqV7QURN8hastnbHLgoQmafa1jnyQ1PAVdm6
+GtyT6lHe+YtRl+mtDpjXV6zNlD8w0WybmfGPJ+YpMopNzSUkxGQ7v8aHd4ptfoKk
+ZscfgII3nM+rVWLWtdIgE0YIUTJU2VvCXbYxNZDte7otjdG8gMEjOXFJYu0runZv
+10rB3lFkJf0tEMycJSmtPnJEX0ES+gCmP8kv6Qx4w+xuBrBT5VxthmE14Y/4l80F
+pwRIZ1RSyXCZSAEl4Kb1Lz7mweWM0EsbtbMwkBzGtrbuuZeKg62zeuhrULO5VApF
++oHbeQGNKiylDlRvAJ574PniPjyXrblslswJN9D4scsHrsHyMzZdXSjkTjOQsrk5
+Oci1lgWUvMVEcDRNEkVzxGHW7N7QkOkEd6ggHAdcAerExVqU7GSSFJy2N2V10CtQ
+KxzjFS087+e1KGbtHGTycSxW5WPse8m4YCPlv/PIEx7ongx1ydgwf+QJp61SKcUX
+NAu5oleTjvQwQw==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo>
+        <ds:KeyName>07bfaeb0ea87</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=07bfaeb0ea87</ds:X509SubjectName>
+          <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUdnvLzleBiCh6hkldNkCxCdWRHl0wDQYJKoZIhvcNAQEL
+BQAwFzEVMBMGA1UEAxMMMDdiZmFlYjBlYTg3MB4XDTIxMTAyMTA5MzUwM1oXDTMx
+MTAxOTA5MzUwM1owFzEVMBMGA1UEAxMMMDdiZmFlYjBlYTg3MIIBojANBgkqhkiG
+9w0BAQEFAAOCAY8AMIIBigKCAYEAqMRR5xOFqKc1Sq3Lw3hc1sTl885EMg0moJ5i
+HdpWiAp9wV77KFoH9bjuQullJp96hNe3BFC9oN98ZZUdClF5NMdvIveQsgNAl+jB
+za1AjWbih0BF3WR3OMTOpfU/+rm34O+J7b8h6jKkPtm+OiRH/jWe7L7f/V18ezxT
+6PLd0LFFrr2LRQv0UaNxUU61ltKH5GNNTkRGIktGN5/UtunG6YC5V9tyWW0NCN+O
+qEgjhAtazilDROnP6P0XPdvOxaKitx5qlBB2+7QVHbDNSOeCw6SEEfnqFytR4pse
+5RsWxfbjipRsHecChrlH2GynbM0Z8JOxcPo7Y6DqESrboKbQUPGfXq8FqtMh7eWz
+0ZjosNfA4dmexF8vKzIz3A2a0oFVgOQj4QjsuucJqj7ThbfciDYMpCLKYxM4JPG2
+gk4udx2tsjmpkALcFWtIyC/mDtueKwCXuExydlVsk2g8xm1tLplM3JmYXvtPGy55
+F+wrLMnHtrK63dbpJOKBsktrL+2FAgMBAAGjOjA4MBcGA1UdEQQQMA6CDDA3YmZh
+ZWIwZWE4NzAdBgNVHQ4EFgQUfAQbbAXqqnajOyt6V8G+jYMnZpQwDQYJKoZIhvcN
+AQELBQADggGBAE7cGccvmgKclxvwRDl8GhBEV/JXjEFuNWqetUWL1uqo6LjxETVm
+p03C4MqXpnQjaS1ZKUzIE2Z92r7zFuHIzd2dXiIxluhECthDya6TwgVCRqrGfRs8
+a1tGCzoM7iZh7REvMh4i7VNB7Lyj/yNY3qowt5D2sdzCUfS5NBPVgaWkPYYZqcfm
+LMARlhy7zW1KNNuAyk45TUFi7WtGt9juu41suQRRrMCKIiIpmbK8E0L2FK/QxfXv
+oLFmecKG72DXKHKiHUbVH0sLVh8qen+3PcBSPvtrBCUyD7vS34VV8yajJo5A3Ogz
+3ZblFfrla2DZKC/HUCDOydqiXh2I8Ltt8HN7exgbrLqbsF+xUqolQv/pCaAIZq1U
+vAsVSDYSdq0zuDb+nrAtPLYAA51OwFmpO6rlMRwbVoxNfi0oegWWgxTOnK2VctBd
+2AQGKekuU96Nc8bJOxHFD7mO1iTmvORamB/Ibxle1ieOqz7+JJefAZ5l3/oOWHig
+q6dUsY0AZixwYw==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://metadata.lab.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://metadata.lab.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AttributeConsumingService index="1">
+      <md:ServiceName xml:lang="en">Metadata admin for SWAMID</md:ServiceName>
+      <md:ServiceName xml:lang="sv">Metadata admin for SWAMID</md:ServiceName>
+      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+      <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+    </md:AttributeConsumingService>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName>
+    <md:OrganizationName xml:lang="sv">SWAMID</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="sv">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
+    <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL>
+    <md:OrganizationURL xml:lang="sv">http://www.swamid.se</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="administrative">
+    <md:GivenName>SWAMID Operations</md:GivenName>
+    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="technical">
+    <md:GivenName>SWAMID Operations</md:GivenName>
+    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="support">
+    <md:GivenName>SWAMID Operations</md:GivenName>
+    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 40e3c712..f42c2811 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -719,4 +719,5 @@
   <xi:include href="swamid-2.0/mfa.release-check.swamid.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/pseudonymous.release-check.swamid.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/test-isp.sae.kau.se-isptest.xml"/>
+  <xi:include href="swamid-2.0/metadata.lab.swamid.se-shibboleth.xml"/>
 </md:EntitiesDescriptor>
author	Björn Mattsson <bjorn@sunet.se>	2021-10-26 09:37:37 +0200
committer	Björn Mattsson <bjorn@sunet.se>	2021-10-26 09:37:37 +0200
commit	a9d19c972c68d33a09a796c85d62245eaf59eb94 (patch)
tree	3d56159f0abd881bc7585611d4f3bf13bb76b9af
parent	a5d5781175bf0f662983aea2ea6c224875bd5073 (diff)