summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Scott <paul.scott@kau.se>2015-11-11 16:03:29 +0100
committerPaul Scott <paul.scott@kau.se>2015-11-11 16:03:29 +0100
commit3017791889109ec8f2b552b610a19ccfc823bbd7 (patch)
tree256ca7cd64a741c5aa89cfbbcbec1d8718b38474
parent193c5b1653b31f871cf1c3c804d86819ce44fde1 (diff)
Resolves SWAMIDOPS-7883, Shib 3 IdPer för KI.
-rw-r--r--swamid-2.0/login.ki.se-idp-shibboleth.xml199
-rw-r--r--swamid-2.0/login.tst.ki.se-ipd-shibboleth.xml199
-rw-r--r--swamid-edugain-idp-1.0.mxml1
-rw-r--r--swamid-testing-idp-1.0.mxml1
4 files changed, 400 insertions, 0 deletions
diff --git a/swamid-2.0/login.ki.se-idp-shibboleth.xml b/swamid-2.0/login.ki.se-idp-shibboleth.xml
new file mode 100644
index 00000000..e1d90264
--- /dev/null
+++ b/swamid-2.0/login.ki.se-idp-shibboleth.xml
@@ -0,0 +1,199 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://login.ki.se/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="sv">Karolinska Institutet (endast nya Ladok)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Karolinska Institutet (only new Ladok)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Identity Provider för Karolinska Institutet.</mdui:Description>
+ <mdui:Description xml:lang="en">Identity Provider for Karolinska Institutet.</mdui:Description>
+ <mdui:Logo height="146" width="292">https://login.ki.se/images/ki_logo_292x146.png</mdui:Logo>
+ <mdui:Keywords xml:lang="sv">ki karolinska+institutet</mdui:Keywords>
+ <mdui:Keywords xml:lang="en">ki karolinska+institutet</mdui:Keywords>
+ </mdui:UIInfo>
+ <mdui:DiscoHints>
+ <mdui:DomainHint>ki.se</mdui:DomainHint>
+ <mdui:IPHint>130.229.0.0/18</mdui:IPHint>
+ <mdui:IPHint>130.237.96.0/19</mdui:IPHint>
+ <mdui:IPHint>130.237.128.0/20</mdui:IPHint>
+ <mdui:IPHint>130.237.204.0/24</mdui:IPHint>
+ <mdui:IPHint>130.237.207.0/24</mdui:IPHint>
+ <mdui:IPHint>193.10.16.0/21</mdui:IPHint>
+ <mdui:IPHint>193.10.140.0/22</mdui:IPHint>
+ <mdui:IPHint>194.14.96.0/24</mdui:IPHint>
+ <mdui:IPHint>2001:06B0:0022::/48</mdui:IPHint>
+ <mdui:IPHint>136.155.0.0/16</mdui:IPHint>
+ <mdui:IPHint>159.38.0.0/16</mdui:IPHint>
+ <mdui:IPHint>193.10.63.0/24</mdui:IPHint>
+ <mdui:IPHint>193.10.76.0/24</mdui:IPHint>
+ <mdui:GeolocationHint>geo:59.3475753,18.0279382</mdui:GeolocationHint>
+ <mdui:GeolocationHint>geo:59.219589,17.940939</mdui:GeolocationHint>
+ </mdui:DiscoHints>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUSr91KhOWgx1LLaoQAw69hE2zxN8wDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLbG9naW4ua2kuc2UwHhcNMTUxMTEwMTMyNjU0WhcNMzUx
+MTEwMTMyNjU0WjAWMRQwEgYDVQQDDAtsb2dpbi5raS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJ+xNQGjVs6rbJym13yai5iPGLhcXcDFhs2dcckk
+9SnhS0oEhHEPdwn9iwtkXbDaQCdlPzKw1lAQ4PFeqeynh3bM/GNz5RLQp3Fiac1b
+n2MiUEK6Xj2T+5XZklJHwsXnAP5FrPfsXLJ8kbDU7cS7aQ9b+8xqs+YNjIzZzEAx
+OGQp7/zwHTFejWc0GfxrARc+L5xwlXyQGRFjGQAs8Ka+WlV5MhyZFnHV81+/O4Xu
+gztzKuC2i0QKt46S1hep2Za8KxmWfN1pzWG8hnJHFWYOtRuKmTs4tF6ln03c72zF
+0wZ0zv5VKsplRd7ZGozJ275i0gntt233X9RoBM9rGYVBkaMCAwEAAaNdMFswHQYD
+VR0OBBYEFBqgkKxTUPlSShbr1NxOyLvrWkljMDoGA1UdEQQzMDGCC2xvZ2luLmtp
+LnNlhiJodHRwczovL2xvZ2luLmtpLnNlL2lkcC9zaGliYm9sZXRoMA0GCSqGSIb3
+DQEBCwUAA4IBAQAB7enC9iTTTfKZXUFtdXPEEJte/x3VembkSftwr+sK1EtDezIB
+R8LUsMqovpC771JmJbhkEVNtErfG9cwyKC3g0oWRY5U02jGxuxcq7yEh6/bTIZ0R
+nx88SX0+V9jMDfQKBFhljKCuozq70dGtApXm8bmuvBPe5gQ9+NaSKWkniOPv+zOS
+wOUUvi/8r6AE7PtCXn6uydqUcEo/oh8OMZOVx0siApLrG6NwZpGUz6l8mqH00zd5
+Lslkb6jUsVBP2o/ORnwRlgY0I4491wMALYaplSMa1LUZPyB7Iv5IuHkybBEYy+mY
+GzAYjGQSD2+4EUgB8f7vuxJSjRnfmVUmh6cB
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUQnJmXS4G/tbR42ca8QG480l3MMEwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLbG9naW4ua2kuc2UwHhcNMTUxMTEwMTMyNjU0WhcNMzUx
+MTEwMTMyNjU0WjAWMRQwEgYDVQQDDAtsb2dpbi5raS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJA5FGj3sWcneuNuMoqgT9nQ07FAXKdSnDtfASMq
+0ZyaxyLJbOlKyRRzy8okbWTAhuI98JvuvGsSjg2dXCvRFKI/fF5pXn70enux0Svk
+NUvZdnr38noCyEVpTUpSMjDrHF9V1FDAloJ65zbRepdHU4Sv9di5Vy9ppAo4VrLw
+iR2AXS7EFQ39aIm37xPIQz2M0HXBERVCQHOg51LrwNnMCVE1I70s28qYzI3wo/0p
+HfD9qWqnqIz8Fr1UHCDGArJN1YhQJZbWlN2KBndl3Ike4obeDxQFnS707l8B1Hnh
+ceV8ohgtK82bASKSVCJ1Z7w+CAGAhABqc8DCJ599mTDzm78CAwEAAaNdMFswHQYD
+VR0OBBYEFDrrD9A+XOKI8btkdBaO8hvc/vyMMDoGA1UdEQQzMDGCC2xvZ2luLmtp
+LnNlhiJodHRwczovL2xvZ2luLmtpLnNlL2lkcC9zaGliYm9sZXRoMA0GCSqGSIb3
+DQEBCwUAA4IBAQBhpdosfvuPTuvAoK0jokVl7gqDW53KrRTD+BrJRoOGPBQ2DXVF
+TvQdmS/zymbrFghQr0XOzYLRa+fP6lfoNusBWKfL0Fyto8skicSNswYDG1zgF6HI
+03eHqhB5ma6u4rh3gAMwVcpyYCcrrJ2hbTI8BWXzZFaxXM9JaK7u2J8k5tGAccK1
+247NSR8LEai46HkZpovuKPjD9zwunV6mQeOXQeo3WtoPW0twB9h01sfqV0iMvaXg
+Tu4iUPkcwpIeauNAjJ4KXpl5OxehsBnz9rrb6smtz2bfWBBNiPHaHhT6XIqon5X1
+kEJEO2P16fM/dhzKIPEqH52zd3J8O6Hs1Cil
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUEEr81svYHmizs6DjzN0FCQ1IlLkwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLbG9naW4ua2kuc2UwHhcNMTUxMTEwMTMyNjU0WhcNMzUx
+MTEwMTMyNjU0WjAWMRQwEgYDVQQDDAtsb2dpbi5raS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMIJsWHFr/fc/26Dfv0WOBhspXfyRVGSHMu5IeRs
+reQGRKbrdW4KOOrKQkqZnyQVe8eZt/GZKSzy+9VnAJo3ypaUt2y0LsTqibcg7oNO
+RcC2yDKlEN8CCSX3OQrQ1kWRxHpMSaHx1TeWAPI9kB0CykeG6FmVYXG9arY9u9pn
+ZvdPCXg7SkFbTCa1zJdbxBCumq/nAKGiEct6GQHMeYOb9YBI+WYYByfseLdf5dNC
+i1fXuRYbxK9dcFIVlGuZRea99TklSZZR3BxFLHgcECjp1ZtoT0Byl2yxmm0nGJE2
+HKh+LsxAUz3ouG3qItUJPYzBS1RHQVWYz8N4T8z+w+1jEY0CAwEAAaNdMFswHQYD
+VR0OBBYEFKf0zzGixtPS531/l3z2Vc04g1seMDoGA1UdEQQzMDGCC2xvZ2luLmtp
+LnNlhiJodHRwczovL2xvZ2luLmtpLnNlL2lkcC9zaGliYm9sZXRoMA0GCSqGSIb3
+DQEBCwUAA4IBAQA4PPWZd96F0l40muNxqPzVNzTq/D+ndRhEcPOxk8SraEXaFlkm
+xqELKuLnuj7MAx+y/SJssIs9acDm8CBxp60z9hSTkokVjVAfyWiTU+KuTGvwWWnP
+T25PheKwMPl+W45PhXfbK0F1nDXvNf2L59gxuBIJEcqojx6BHlLfz1tbQUCsezV4
+fv98gre6OoWeN5TSiWgtl7Gsb1cjFRcfiYNwDo9pWqNnLOioncMs4SOyEKrTxrU7
+rmABcIrDyPLSecdGrJBUBiYy1tTm72SEGK9npcZ8QPuXkkSf7zskTenf4tFszUnq
+BazoaLKp7SoAtN5cqOcYTgOJY89fkO6T8gqd
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.ki.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.ki.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.ki.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.ki.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.ki.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUSr91KhOWgx1LLaoQAw69hE2zxN8wDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLbG9naW4ua2kuc2UwHhcNMTUxMTEwMTMyNjU0WhcNMzUx
+MTEwMTMyNjU0WjAWMRQwEgYDVQQDDAtsb2dpbi5raS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJ+xNQGjVs6rbJym13yai5iPGLhcXcDFhs2dcckk
+9SnhS0oEhHEPdwn9iwtkXbDaQCdlPzKw1lAQ4PFeqeynh3bM/GNz5RLQp3Fiac1b
+n2MiUEK6Xj2T+5XZklJHwsXnAP5FrPfsXLJ8kbDU7cS7aQ9b+8xqs+YNjIzZzEAx
+OGQp7/zwHTFejWc0GfxrARc+L5xwlXyQGRFjGQAs8Ka+WlV5MhyZFnHV81+/O4Xu
+gztzKuC2i0QKt46S1hep2Za8KxmWfN1pzWG8hnJHFWYOtRuKmTs4tF6ln03c72zF
+0wZ0zv5VKsplRd7ZGozJ275i0gntt233X9RoBM9rGYVBkaMCAwEAAaNdMFswHQYD
+VR0OBBYEFBqgkKxTUPlSShbr1NxOyLvrWkljMDoGA1UdEQQzMDGCC2xvZ2luLmtp
+LnNlhiJodHRwczovL2xvZ2luLmtpLnNlL2lkcC9zaGliYm9sZXRoMA0GCSqGSIb3
+DQEBCwUAA4IBAQAB7enC9iTTTfKZXUFtdXPEEJte/x3VembkSftwr+sK1EtDezIB
+R8LUsMqovpC771JmJbhkEVNtErfG9cwyKC3g0oWRY5U02jGxuxcq7yEh6/bTIZ0R
+nx88SX0+V9jMDfQKBFhljKCuozq70dGtApXm8bmuvBPe5gQ9+NaSKWkniOPv+zOS
+wOUUvi/8r6AE7PtCXn6uydqUcEo/oh8OMZOVx0siApLrG6NwZpGUz6l8mqH00zd5
+Lslkb6jUsVBP2o/ORnwRlgY0I4491wMALYaplSMa1LUZPyB7Iv5IuHkybBEYy+mY
+GzAYjGQSD2+4EUgB8f7vuxJSjRnfmVUmh6cB
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUQnJmXS4G/tbR42ca8QG480l3MMEwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLbG9naW4ua2kuc2UwHhcNMTUxMTEwMTMyNjU0WhcNMzUx
+MTEwMTMyNjU0WjAWMRQwEgYDVQQDDAtsb2dpbi5raS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJA5FGj3sWcneuNuMoqgT9nQ07FAXKdSnDtfASMq
+0ZyaxyLJbOlKyRRzy8okbWTAhuI98JvuvGsSjg2dXCvRFKI/fF5pXn70enux0Svk
+NUvZdnr38noCyEVpTUpSMjDrHF9V1FDAloJ65zbRepdHU4Sv9di5Vy9ppAo4VrLw
+iR2AXS7EFQ39aIm37xPIQz2M0HXBERVCQHOg51LrwNnMCVE1I70s28qYzI3wo/0p
+HfD9qWqnqIz8Fr1UHCDGArJN1YhQJZbWlN2KBndl3Ike4obeDxQFnS707l8B1Hnh
+ceV8ohgtK82bASKSVCJ1Z7w+CAGAhABqc8DCJ599mTDzm78CAwEAAaNdMFswHQYD
+VR0OBBYEFDrrD9A+XOKI8btkdBaO8hvc/vyMMDoGA1UdEQQzMDGCC2xvZ2luLmtp
+LnNlhiJodHRwczovL2xvZ2luLmtpLnNlL2lkcC9zaGliYm9sZXRoMA0GCSqGSIb3
+DQEBCwUAA4IBAQBhpdosfvuPTuvAoK0jokVl7gqDW53KrRTD+BrJRoOGPBQ2DXVF
+TvQdmS/zymbrFghQr0XOzYLRa+fP6lfoNusBWKfL0Fyto8skicSNswYDG1zgF6HI
+03eHqhB5ma6u4rh3gAMwVcpyYCcrrJ2hbTI8BWXzZFaxXM9JaK7u2J8k5tGAccK1
+247NSR8LEai46HkZpovuKPjD9zwunV6mQeOXQeo3WtoPW0twB9h01sfqV0iMvaXg
+Tu4iUPkcwpIeauNAjJ4KXpl5OxehsBnz9rrb6smtz2bfWBBNiPHaHhT6XIqon5X1
+kEJEO2P16fM/dhzKIPEqH52zd3J8O6Hs1Cil
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUEEr81svYHmizs6DjzN0FCQ1IlLkwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLbG9naW4ua2kuc2UwHhcNMTUxMTEwMTMyNjU0WhcNMzUx
+MTEwMTMyNjU0WjAWMRQwEgYDVQQDDAtsb2dpbi5raS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMIJsWHFr/fc/26Dfv0WOBhspXfyRVGSHMu5IeRs
+reQGRKbrdW4KOOrKQkqZnyQVe8eZt/GZKSzy+9VnAJo3ypaUt2y0LsTqibcg7oNO
+RcC2yDKlEN8CCSX3OQrQ1kWRxHpMSaHx1TeWAPI9kB0CykeG6FmVYXG9arY9u9pn
+ZvdPCXg7SkFbTCa1zJdbxBCumq/nAKGiEct6GQHMeYOb9YBI+WYYByfseLdf5dNC
+i1fXuRYbxK9dcFIVlGuZRea99TklSZZR3BxFLHgcECjp1ZtoT0Byl2yxmm0nGJE2
+HKh+LsxAUz3ouG3qItUJPYzBS1RHQVWYz8N4T8z+w+1jEY0CAwEAAaNdMFswHQYD
+VR0OBBYEFKf0zzGixtPS531/l3z2Vc04g1seMDoGA1UdEQQzMDGCC2xvZ2luLmtp
+LnNlhiJodHRwczovL2xvZ2luLmtpLnNlL2lkcC9zaGliYm9sZXRoMA0GCSqGSIb3
+DQEBCwUAA4IBAQA4PPWZd96F0l40muNxqPzVNzTq/D+ndRhEcPOxk8SraEXaFlkm
+xqELKuLnuj7MAx+y/SJssIs9acDm8CBxp60z9hSTkokVjVAfyWiTU+KuTGvwWWnP
+T25PheKwMPl+W45PhXfbK0F1nDXvNf2L59gxuBIJEcqojx6BHlLfz1tbQUCsezV4
+fv98gre6OoWeN5TSiWgtl7Gsb1cjFRcfiYNwDo9pWqNnLOioncMs4SOyEKrTxrU7
+rmABcIrDyPLSecdGrJBUBiYy1tTm72SEGK9npcZ8QPuXkkSf7zskTenf4tFszUnq
+BazoaLKp7SoAtN5cqOcYTgOJY89fkO6T8gqd
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.ki.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.ki.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ </AttributeAuthorityDescriptor>
+</EntityDescriptor>
diff --git a/swamid-2.0/login.tst.ki.se-ipd-shibboleth.xml b/swamid-2.0/login.tst.ki.se-ipd-shibboleth.xml
new file mode 100644
index 00000000..cd86091b
--- /dev/null
+++ b/swamid-2.0/login.tst.ki.se-ipd-shibboleth.xml
@@ -0,0 +1,199 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://login.tst.ki.se/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="sv">Karolinska Institutet (test Shibboleth 3)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Karolinska Institutet (test Shibboleth 3)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Test Identity Provider för Karolinska Institutet.</mdui:Description>
+ <mdui:Description xml:lang="en">Test Identity Provider for Karolinska Institutet.</mdui:Description>
+ <mdui:Logo height="146" width="292">https://login.tst.ki.se/images/ki_logo_292x146.png</mdui:Logo>
+ <mdui:Keywords xml:lang="sv">ki karolinska+institutet</mdui:Keywords>
+ <mdui:Keywords xml:lang="en">ki karolinska+institutet</mdui:Keywords>
+ </mdui:UIInfo>
+ <mdui:DiscoHints>
+ <mdui:DomainHint>ki.se</mdui:DomainHint>
+ <mdui:IPHint>130.229.0.0/18</mdui:IPHint>
+ <mdui:IPHint>130.237.96.0/19</mdui:IPHint>
+ <mdui:IPHint>130.237.128.0/20</mdui:IPHint>
+ <mdui:IPHint>130.237.204.0/24</mdui:IPHint>
+ <mdui:IPHint>130.237.207.0/24</mdui:IPHint>
+ <mdui:IPHint>193.10.16.0/21</mdui:IPHint>
+ <mdui:IPHint>193.10.140.0/22</mdui:IPHint>
+ <mdui:IPHint>194.14.96.0/24</mdui:IPHint>
+ <mdui:IPHint>2001:06B0:0022::/48</mdui:IPHint>
+ <mdui:IPHint>136.155.0.0/16</mdui:IPHint>
+ <mdui:IPHint>159.38.0.0/16</mdui:IPHint>
+ <mdui:IPHint>193.10.63.0/24</mdui:IPHint>
+ <mdui:IPHint>193.10.76.0/24</mdui:IPHint>
+ <mdui:GeolocationHint>geo:59.3475753,18.0279382</mdui:GeolocationHint>
+ <mdui:GeolocationHint>geo:59.219589,17.940939</mdui:GeolocationHint>
+ </mdui:DiscoHints>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAMoel+MKpG2xaTjyazTBhaikYRLhMA0GCSqGSIb3DQEB
+CwUAMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTAeFw0xNTExMDQxNDI4MDRa
+Fw0zNTExMDQxNDI4MDRaMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIsH/cWaST4Ua0YvM2A1IpfWnWS4
+V8gzg8MFWL9vwAyTmg9prTkOzHxVSXpvrXz+Sr9OvAcpG7Qcia7+rS+raRMqaiG+
++3tF932XgCZmq532oSYxFLk/ZssmyHQiUYY/tzC832yoiM8vIHYuQeyaD2i9HdhH
+vS4FLLcP5k4H166wW/uUkRDs/pG2e7uiT6RIhavV3sUIPlzRdkkuYhURcGjpTCsb
+5DRb+FmkRHH61OdLJMkqi7c8z3jmRXBZn+FsENElQPySzaiWJI+XKS8Mn36sFrTM
+gOXEYC3u9H6k3ZdXYVq+Brh0dwaQi7waPt3FJpfYPIDwxOYKtLHrgoS0MzECAwEA
+AaNlMGMwHQYDVR0OBBYEFMi5T4diS2VMxS0jWp5BszYiV96bMEIGA1UdEQQ7MDmC
+D2xvZ2luLnRzdC5raS5zZYYmaHR0cHM6Ly9sb2dpbi50c3Qua2kuc2UvaWRwL3No
+aWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAErKe5nlDdbds4rre39uKZZXvPuF
++JZ/VvmJJXF7t/YADLYQEhU4ybZOc0MRvGV6IKrmEwXHOpIcD7Uf+T1rvyIKQ24l
+a2qbjZ0/Si4K5V3VHWKw9n1hFxzpBVblRBQKpe3C2/AHtXo42I581Aj4RiMMvdtE
+s6I6mUGkWt+12okiFPkPYkZiKNS44MRH/MpFBRZyq2+16AvarO5TxU8czzuHIaiw
+WWUe6DVFlidT5MLwtVawka9hmB11ck88jfu1I9MuBA3kshE4P3nAZFUSxWBEJVhw
+n8eLCYnUBlf2Tz/qD15v7rjTQgMM5HFL8z5dSdm/ku7V0BGdseke4CKTTWE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIUNQiQqRF0OWgY/8AQmnbujTqk5pUwDQYJKoZIhvcNAQEL
+BQAwGjEYMBYGA1UEAwwPbG9naW4udHN0LmtpLnNlMB4XDTE1MTEwNDE0MjgwMloX
+DTM1MTEwNDE0MjgwMlowGjEYMBYGA1UEAwwPbG9naW4udHN0LmtpLnNlMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqigba9iKeQgpVTxXDJdR8XY3unuY
+tE4BnM29l3kUIPO17FPURUkhbrl86SeWHE6xPRATi9XHG44o9ACsLyR85FWkeGnj
+o26QqovXOxFn+YDEXIFu2Ier2YxJiL8MWte5n41Wf1poZQb0Sf4o+LOSrVZxd98n
+xzEuCJ93Luf4RxB9l+dfoVK4EDp6AAIJO/sxBmeEYfvNFukp+duyDFdQV1oSWaWg
+TMIqmaPevF4t39YwGCutFpZJyp++jfkixbNHzC75xiFyWfdumMcOs5FYA70rPUEl
+ZgQs1pUZv4qP7VeNNS6QXQyQl86kxMN7XfymgoqLQdHN2e1+JiEsk95kmwIDAQAB
+o2UwYzAdBgNVHQ4EFgQUTvEk7OlxQx65QaRT+nO7cuOY71wwQgYDVR0RBDswOYIP
+bG9naW4udHN0LmtpLnNlhiZodHRwczovL2xvZ2luLnRzdC5raS5zZS9pZHAvc2hp
+YmJvbGV0aDANBgkqhkiG9w0BAQsFAAOCAQEATSLgQWRc05CI6vkw8fCaC4pAYKmu
+uMqAIcKhkaVslYJGRRxnPlEKKvXZeh3QAkqj0RW7o/VFbltsfbOKpmg/h1hp110Q
+EdFRvAfpycCvKp7BnJa4mJ9RD0/PwuyeZ6IMg4hGt82gsgRbWJsCb6lYwj8i0ZIu
+N8jxHT9GPA1BezK2+iC7x/UZXuPzI+/AfRMchBzStgau9H+MsP1mXi1SIm+iqaRA
+fyNTnKTNyov83sU5fX101h10Qp9rW7Im/Ol1zZefMdOc4rsSYi8zSlaPWuIPz9nu
+MrwNBQ4u5RUrJQQCdmBSr/Iw8h4zKUYeAXW+LvaMoyY8uIN3mAq1wle+3A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAN0l6j5eWkN11rN3K+x95i/rrVYgMA0GCSqGSIb3DQEB
+CwUAMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTAeFw0xNTExMDQxNDI4MDNa
+Fw0zNTExMDQxNDI4MDNaMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKJ3zTxhdfaqyeZScdvMEST9OtZ8
+DV2qXwakGUN8o2tdxn+zXKcrN0QN1CUsHkQlZ2m3PEEZlpgsp618SBGJVOHsLea8
+v3UxoEtw9BSGWip8xyWKMAhRh7KRmq4K4OqdNlo6M30KuPpPe0ZkI7gA2qR2lVv6
+ybR97uc9DrM8wKJjwYJKaYFeePdU99H4l2bzR6Au3mJ8Dd4Vq4wIPhC0ADvvDzU4
+UfZY/YkqAyroiwPZsaM2o8mspDqnbTOu6lPM4XeKFYKNdDamFVimnYLDKgM81/Ne
+IMv/7Klx5zt1Tf5NZaxgZ/xSXdQQAgQe/emteLIV5bdtIWlmT6O7WUI5QiUCAwEA
+AaNlMGMwHQYDVR0OBBYEFF7LNVAsmm6yfKeW7ViJuMrPTWfHMEIGA1UdEQQ7MDmC
+D2xvZ2luLnRzdC5raS5zZYYmaHR0cHM6Ly9sb2dpbi50c3Qua2kuc2UvaWRwL3No
+aWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBACYeLTIPNFIMCey2yr95YxXdZTzB
+wRAODcgpQGaCPdb+MtyT2a7m/Z3g2bzQvqGgC7er/fv8pXMhpsGuPrgwvQNWXWUA
+l+0EyhfpVZn/KvehtJV911wrqbLh8XVCTL1f+yegjZb927m3i1ctHIRRq5i2xMoC
+xDQRJ2cT1zKmKy/1EaZpJXNvWjt7Jpis7MAa5Upl6bjnYWLfCWwTxnSZ5hVqTU9G
+U5qAm8DQOPhc4+r9NNyiwB159QMR9AcUZNb6YHjqV3vcRQqTL6+UlryQimkERyZO
+jcblqs70JyQRXtd9os7yqr20I31AuUW8esXh7BQI2puRxXgTTfMJyxoPC5s=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.tst.ki.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.tst.ki.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.tst.ki.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.tst.ki.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.tst.ki.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAMoel+MKpG2xaTjyazTBhaikYRLhMA0GCSqGSIb3DQEB
+CwUAMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTAeFw0xNTExMDQxNDI4MDRa
+Fw0zNTExMDQxNDI4MDRaMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIsH/cWaST4Ua0YvM2A1IpfWnWS4
+V8gzg8MFWL9vwAyTmg9prTkOzHxVSXpvrXz+Sr9OvAcpG7Qcia7+rS+raRMqaiG+
++3tF932XgCZmq532oSYxFLk/ZssmyHQiUYY/tzC832yoiM8vIHYuQeyaD2i9HdhH
+vS4FLLcP5k4H166wW/uUkRDs/pG2e7uiT6RIhavV3sUIPlzRdkkuYhURcGjpTCsb
+5DRb+FmkRHH61OdLJMkqi7c8z3jmRXBZn+FsENElQPySzaiWJI+XKS8Mn36sFrTM
+gOXEYC3u9H6k3ZdXYVq+Brh0dwaQi7waPt3FJpfYPIDwxOYKtLHrgoS0MzECAwEA
+AaNlMGMwHQYDVR0OBBYEFMi5T4diS2VMxS0jWp5BszYiV96bMEIGA1UdEQQ7MDmC
+D2xvZ2luLnRzdC5raS5zZYYmaHR0cHM6Ly9sb2dpbi50c3Qua2kuc2UvaWRwL3No
+aWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAErKe5nlDdbds4rre39uKZZXvPuF
++JZ/VvmJJXF7t/YADLYQEhU4ybZOc0MRvGV6IKrmEwXHOpIcD7Uf+T1rvyIKQ24l
+a2qbjZ0/Si4K5V3VHWKw9n1hFxzpBVblRBQKpe3C2/AHtXo42I581Aj4RiMMvdtE
+s6I6mUGkWt+12okiFPkPYkZiKNS44MRH/MpFBRZyq2+16AvarO5TxU8czzuHIaiw
+WWUe6DVFlidT5MLwtVawka9hmB11ck88jfu1I9MuBA3kshE4P3nAZFUSxWBEJVhw
+n8eLCYnUBlf2Tz/qD15v7rjTQgMM5HFL8z5dSdm/ku7V0BGdseke4CKTTWE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIUNQiQqRF0OWgY/8AQmnbujTqk5pUwDQYJKoZIhvcNAQEL
+BQAwGjEYMBYGA1UEAwwPbG9naW4udHN0LmtpLnNlMB4XDTE1MTEwNDE0MjgwMloX
+DTM1MTEwNDE0MjgwMlowGjEYMBYGA1UEAwwPbG9naW4udHN0LmtpLnNlMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqigba9iKeQgpVTxXDJdR8XY3unuY
+tE4BnM29l3kUIPO17FPURUkhbrl86SeWHE6xPRATi9XHG44o9ACsLyR85FWkeGnj
+o26QqovXOxFn+YDEXIFu2Ier2YxJiL8MWte5n41Wf1poZQb0Sf4o+LOSrVZxd98n
+xzEuCJ93Luf4RxB9l+dfoVK4EDp6AAIJO/sxBmeEYfvNFukp+duyDFdQV1oSWaWg
+TMIqmaPevF4t39YwGCutFpZJyp++jfkixbNHzC75xiFyWfdumMcOs5FYA70rPUEl
+ZgQs1pUZv4qP7VeNNS6QXQyQl86kxMN7XfymgoqLQdHN2e1+JiEsk95kmwIDAQAB
+o2UwYzAdBgNVHQ4EFgQUTvEk7OlxQx65QaRT+nO7cuOY71wwQgYDVR0RBDswOYIP
+bG9naW4udHN0LmtpLnNlhiZodHRwczovL2xvZ2luLnRzdC5raS5zZS9pZHAvc2hp
+YmJvbGV0aDANBgkqhkiG9w0BAQsFAAOCAQEATSLgQWRc05CI6vkw8fCaC4pAYKmu
+uMqAIcKhkaVslYJGRRxnPlEKKvXZeh3QAkqj0RW7o/VFbltsfbOKpmg/h1hp110Q
+EdFRvAfpycCvKp7BnJa4mJ9RD0/PwuyeZ6IMg4hGt82gsgRbWJsCb6lYwj8i0ZIu
+N8jxHT9GPA1BezK2+iC7x/UZXuPzI+/AfRMchBzStgau9H+MsP1mXi1SIm+iqaRA
+fyNTnKTNyov83sU5fX101h10Qp9rW7Im/Ol1zZefMdOc4rsSYi8zSlaPWuIPz9nu
+MrwNBQ4u5RUrJQQCdmBSr/Iw8h4zKUYeAXW+LvaMoyY8uIN3mAq1wle+3A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAN0l6j5eWkN11rN3K+x95i/rrVYgMA0GCSqGSIb3DQEB
+CwUAMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTAeFw0xNTExMDQxNDI4MDNa
+Fw0zNTExMDQxNDI4MDNaMBoxGDAWBgNVBAMMD2xvZ2luLnRzdC5raS5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKJ3zTxhdfaqyeZScdvMEST9OtZ8
+DV2qXwakGUN8o2tdxn+zXKcrN0QN1CUsHkQlZ2m3PEEZlpgsp618SBGJVOHsLea8
+v3UxoEtw9BSGWip8xyWKMAhRh7KRmq4K4OqdNlo6M30KuPpPe0ZkI7gA2qR2lVv6
+ybR97uc9DrM8wKJjwYJKaYFeePdU99H4l2bzR6Au3mJ8Dd4Vq4wIPhC0ADvvDzU4
+UfZY/YkqAyroiwPZsaM2o8mspDqnbTOu6lPM4XeKFYKNdDamFVimnYLDKgM81/Ne
+IMv/7Klx5zt1Tf5NZaxgZ/xSXdQQAgQe/emteLIV5bdtIWlmT6O7WUI5QiUCAwEA
+AaNlMGMwHQYDVR0OBBYEFF7LNVAsmm6yfKeW7ViJuMrPTWfHMEIGA1UdEQQ7MDmC
+D2xvZ2luLnRzdC5raS5zZYYmaHR0cHM6Ly9sb2dpbi50c3Qua2kuc2UvaWRwL3No
+aWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBACYeLTIPNFIMCey2yr95YxXdZTzB
+wRAODcgpQGaCPdb+MtyT2a7m/Z3g2bzQvqGgC7er/fv8pXMhpsGuPrgwvQNWXWUA
+l+0EyhfpVZn/KvehtJV911wrqbLh8XVCTL1f+yegjZb927m3i1ctHIRRq5i2xMoC
+xDQRJ2cT1zKmKy/1EaZpJXNvWjt7Jpis7MAa5Upl6bjnYWLfCWwTxnSZ5hVqTU9G
+U5qAm8DQOPhc4+r9NNyiwB159QMR9AcUZNb6YHjqV3vcRQqTL6+UlryQimkERyZO
+jcblqs70JyQRXtd9os7yqr20I31AuUW8esXh7BQI2puRxXgTTfMJyxoPC5s=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.tst.ki.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.tst.ki.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ </AttributeAuthorityDescriptor>
+</EntityDescriptor>
diff --git a/swamid-edugain-idp-1.0.mxml b/swamid-edugain-idp-1.0.mxml
index a09ca97d..8d920bc8 100644
--- a/swamid-edugain-idp-1.0.mxml
+++ b/swamid-edugain-idp-1.0.mxml
@@ -49,4 +49,5 @@
<xi:include href="swamid-2.0/login.idp.eduid.se-idp.xml.xml"/>
<xi:include href="swamid-2.0/idp.sics.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.kkh.se-idp-shibboleth.xml"/>
+ <xi:include href="swamid-2.0/login.ki.se-idp-shibboleth.xml"/>
</md:EntitiesDescriptor>
diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml
index cb168875..7a43078e 100644
--- a/swamid-testing-idp-1.0.mxml
+++ b/swamid-testing-idp-1.0.mxml
@@ -47,4 +47,5 @@
<xi:include href="swamid-2.0/idpsimplesaml.irf.se-simplesaml-saml2-idp-metadata.php.xml"/>
<xi:include href="swamid-2.0/ls00002.ad.mah.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.fhs.se-swamid.xml"/>
+ <xi:include href="swamid-2.0/login.tst.ki.se-ipd-shibboleth.xml"/>
</EntitiesDescriptor>