summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeif Johansson <leifj@sunet.se>2016-06-09 14:41:48 +0200
committerLeif Johansson <leifj@sunet.se>2016-06-09 14:41:48 +0200
commit7c085dbede3432e991b953cdd913ef655b6e5660 (patch)
treef3fca60e963ba84714ab2a45787db6585a1e6f61
parent376f39703abf69cb49e8abeb272867d739685f0c (diff)
parent11edf6dc9e575f1da4d5df94f2d51822cac606de (diff)
Merge branch 'master' of md-master.swamid.se:swamid-metadata
Diffstat
-rw-r--r--Makefile101
-rwxr-xr-xscripts/aggregate.sh2
-rwxr-xr-xscripts/verify-uiinfo-urls.sh16
-rw-r--r--swamid-2.0/dev.play.smdb.kb.se.xml47
-rw-r--r--swamid-2.0/idp.mdh.se-idp-shibboleth.xml62
-rw-r--r--swamid-idp-2.0.mxml1
-rw-r--r--swamid-sp-2.0.mxml1
-rw-r--r--swamid-testing-idp-1.0.mxml1
8 files changed, 175 insertions, 56 deletions
diff --git a/Makefile b/Makefile
index 2648c01f..9aed3844 100644
--- a/Makefile
+++ b/Makefile
@@ -84,11 +84,10 @@ swamid-externals-sp-2.0.xml: swamid-externals-2.0.mxml
test: clean dependencies schematest
-pedantic: clean dependencies schematest refedsRnS geantCoCo
+pedantic: clean dependencies schematest testRefedsRnS testGeantCoCo
schematest:
- @for x in $(MXML); do xmllint --xinclude --nowarning --noout --path schema --schema schema.xsd $$x 2>&1 ; done | sed 's/fails to validate/&/;s/validates/&/'
- @for x in $(MXML); do xmllint --xinclude --nowarning --noout --path schema --schema schema.xsd $$x > /dev/null 2>&1 || exit 1 ; done
+ @for x in $(MXML); do test=`xmllint --xinclude --nowarning --noout --path schema --schema schema.xsd $$x 2>&1`; rc=$$?; echo $$test | sed 's/fails to validate/&/;s/validates/&/'; if [ $$rc -gt 0 ]; then exit 1; fi; done
clean:
@rm -f *.xml *.tbs *.n
@@ -96,75 +95,97 @@ clean:
tidy:
@for x in `find $(SRCDIRS) -name \*.xml`; do xsltproc xslt/clean-entitydescriptor.xsl $$x > $$x.c && mv $$x.c $$x; done
-refedsRnS:
- @echo "Checking for refeds R&S compatibillity"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l SPSSODescriptor` ; do \
+testRefedsRnS:
+ @echo "Checking for refeds R&S compatibillity for entities exported to eduGAIN"
+ @for x in `cat swamid-edugain-*.mxml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}' | xargs grep -l SPSSODescriptor` ; do \
got_refeds_RnS=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Extensions/EntityAttributes" - 2>/dev/null | grep 'http://refeds.org/category/research-and-scholarship'` ; \
if [ -n "$$got_refeds_RnS" ] ; then \
http_post=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/AssertionConsumerService" - 2>/dev/null | grep 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'` ; \
- if [ -z "$$http_post" ] ; then echo "$$x: Missing HTTP-POST binding." ; fi ; \
+ if [ -z "$$http_post" ] ; then echo " $$x: Missing HTTP-POST binding." | sed 's/.*/&/' ; fi ; \
mdui_DisplayName=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/DisplayName" - 2>/dev/null | grep 'DisplayName'` ; \
- if [ -z "$$mdui_DisplayName" ] ; then echo "$$x: Missing mdui:DisplayName." ; fi ; \
+ if [ -z "$$mdui_DisplayName" ] ; then echo " $$x: Missing mdui:DisplayName." | sed 's/.*/&/' ; fi ; \
mdui_InformationURL=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/InformationURL" - 2>/dev/null | grep 'InformationURL'` ; \
- if [ -z "$$mdui_InformationURL" ] ; then echo "$$x: Missing mdui:InformationURL." ; fi ; \
+ if [ -z "$$mdui_InformationURL" ] ; then echo " $$x: Missing mdui:InformationURL." | sed 's/.*/&/' ; fi ; \
tech_contact=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/ContactPerson[@contactType='technical']" - 2>/dev/null | grep 'EmailAddress'` ; \
- if [ -z "$$tech_contact" ] ; then echo "$$x: Missing ContactPerson contactType='technical'." ; fi ; \
+ if [ -z "$$tech_contact" ] ; then echo " $$x: Missing ContactPerson contactType='technical'." | sed 's/.*/&/' ; fi ; \
requested_attributes=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/AttributeConsumingService" - 2>/dev/null | grep 'RequestedAttribute'` ; \
- if [ -z "$$requested_attributes" ] ; then echo "$$x: Missing requested attributes." ; fi ; \
+ if [ -z "$$requested_attributes" ] ; then echo " $$x: Missing requested attributes." | sed 's/.*/&/' ; fi ; \
fi ; \
- done | grep . && exit 1 || true
+ done
-geantCoCo:
- @echo "Checking for Geant CoCo compliance"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l SPSSODescriptor` ; do \
+testGeantCoCo:
+ @echo "Checking for Geant CoCo compliance for entities exported to eduGAIN"
+ @for x in `cat swamid-edugain-*.mxml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}' | xargs grep -l SPSSODescriptor` ; do \
got_geant_CoCo=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Extensions/EntityAttributes" - 2>/dev/null | grep 'http://www.geant.net/uri/dataprotection-code-of-conduct/v1'` ; \
if [ -n "$$got_geant_CoCo" ] ; then \
mdui_check=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo" - 2>/dev/null` ; \
if [ -z "$$mdui_check" ] ; then \
- echo "$$x: Missing MDUI." ; \
+ echo " $$x: Missing MDUI." | sed 's/.*/&/' ; \
else \
mdui_DisplayName=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/DisplayName" - 2>/dev/null | grep 'DisplayName'` ; \
- if [ -z "$$mdui_DisplayName" ] ; then echo "$$x: Missing mdui:DisplayName." ; fi ; \
+ if [ -z "$$mdui_DisplayName" ] ; then echo " $$x: Missing mdui:DisplayName." | sed 's/.*/&/' ; fi ; \
mdui_Descr=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/DisplayName" - 2>/dev/null | grep 'DisplayName'` ; \
- if [ -z "$$mdui_Descr" ] ; then echo "$$x: Missing mdui:Description." ; fi ; \
+ if [ -z "$$mdui_Descr" ] ; then echo " $$x: Missing mdui:Description." | sed 's/.*/&/' ; fi ; \
for y in `cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo" - | grep -v "UIInfo" | awk '{print $$1}' | cut -c2- | sort -u` ; do \
mdui_Test=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/$$y" - 2>/dev/null | grep $$y | grep 'xml:lang="en"'` ; \
- if [ -z "$$mdui_Test" ] ; then echo "$$x: Missing xml:lang=\"en\" on mdui:$$y." ; fi ; \
+ if [ -z "$$mdui_Test" ] ; then echo " $$x: Missing xml:lang=\"en\" on mdui:$$y." | sed 's/.*/&/' ; fi ; \
done ; \
+ mdui_PrivacyStatementURL=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/Extensions/UIInfo/PrivacyStatementURL" - 2>/dev/null | grep 'PrivacyStatementURL'` ; \
+ if [ -z "$$mdui_PrivacyStatementURL" ] ; then echo " $$x: Missing PrivacyStatementURL." | sed 's/.*/&/' ; \
+ else \
+ echo $$mdui_PrivacyStatementURL | sed 's/></>\n</g' | sed 's/.*\ \(xml:lang=.*\)>\(.*\)<.*/\1 \2/' | while read lang url ; do wget --timeout=5 -t 1 -q -O - $$url | grep http://www.geant.net/uri/dataprotection-code-of-conduct/v1 -q || echo " $$x missing link to geant.net in PrivacyStatementURL $$lang" | sed 's/.*/&/' ; done ; \
+ fi ; \
fi ; \
requestedAttribute=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/SPSSODescriptor/AttributeConsumingService/RequestedAttribute" - 2>/dev/null | grep 'RequestedAttribute'` ; \
- if [ -z "$$requestedAttribute" ] ; then echo "$$x: Missing RequestedAttribute." ; fi ; \
+ if [ -z "$$requestedAttribute" ] ; then echo " $$x: Missing RequestedAttribute." | sed 's/.*/&/' ; fi ; \
fi ; \
- done | grep . && exit 1 || true
+ done
+
-committest: test
+testMDUI:
@echo "Checking for bad lang codes"
- @for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo " $$x: `echo $$bad_langs`" ; fi ; done | grep . && exit 1 || true
+ @for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo " $$x: `echo $$bad_langs`" | sed 's/.*/&/' ; fi ; done
@echo "Check for mismatch between MDUI DisplayName and OrganizationDisplayName"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do for lang in `cat swamid-2.0/*.xml | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u` ; do mdui_displayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor//UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` organizationdisplayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` ; if [ -n "$$mdui_displayname" -a -n "$$organizationdisplayname" -a "$$mdui_displayname" != "$$organizationdisplayname" ] ; then echo "$$x: $$lang '$$mdui_displayname' vs $$lang '$$organizationdisplayname'" ; fi ; done ; done | grep . && exit 1 || true
- @echo "Checking for uniq IdP OrganizationDisplayName"
- @for lang in `cat swamid-2.0/*.xml | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u` ; do for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g' | sed "s;^; $$x $$lang ;" ; done | sort -k 3 | uniq -D -f 2 ; done #| grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do for lang in `cat $$x | sed -n 's/.*xml:lang="\(..\)".*/\1/p' | sort -u` ; do mdui_displayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor//UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` organizationdisplayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` ; if [ -n "$$mdui_displayname" -a -n "$$organizationdisplayname" -a "$$mdui_displayname" != "$$organizationdisplayname" ] ; then echo "$$x: $$lang '$$mdui_displayname' vs $$lang '$$organizationdisplayname'" | sed 's/.*/&/'; fi ; done ; done
@echo "Checking for uniq IdP MDUI DisplayName"
- @for lang in `cat swamid-2.0/*.xml | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u` ; do for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor/Extensions/UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g' | sed "s;^; $$x $$lang ;" ; done | sort -k 3 | uniq -D -f 2 ; done #| grep . && exit 1 || true
+ @for lang in `cat swamid-2.0/*.xml | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u` ; do for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor/Extensions/UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g' | sed "s;^; $$x $$lang ;" | sed 's/.*/&/' ; done | sort -k 3 | uniq -D -f 2 ; done #| grep . && exit 1 || true
+ @echo "Checking for invalid IPHint"
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n 's;.*<[a-z0-9:]*IPHint>\(.*\)</[a-z0-9:]*IPHint>;\1;p' | grep -q -vE '^$$|^[0-9./a-fA-F:]*$$' ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+ @echo "Checking for invalid geodata (syntax is geo:xx.yy,zz.vv)"
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n 's;.*<[a-z0-9:]*GeolocationHint>\(.*\)</[a-z0-9:]*GeolocationHint>;\1;p' | grep -q -vE '^$$|^geo:[0-9][0-9][0-9.]*,[0-9][0-9][0-9.]*$$' ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+ @echo "Check for IdP:s with Logos over http"
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n '/IDPSSODescriptor/,/\/IDPSSODescriptor/p' | grep -q 'Logo .*http://' ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+
+testMDUIreach:
+ @echo "Check that MDUI URLs are reachable"
+ @cat swamid-idp-2.0.mxml swamid-sp-2.0.mxml swamid-externals-sp-2.0.xml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}' | \
+ xargs -n1 -P 10 scripts/verify-uiinfo-urls.sh
+
+testOrgData:
+ @echo "Checking for uniq IdP OrganizationDisplayName"
+ @for lang in `cat swamid-2.0/*.xml | sed -n 's/.*xml:lang="\(..\)".*/\1/p' | sort -u` ; do for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g' | sed "s;^;$$x $$lang ;" | sed 's/.*/\ \ &/' ; done | sort -k 3 | uniq -D -f 2 ; done
+
+testEntCat:
@echo "Checking for entity-categories in SPSSODescriptors that should be moved to EntityDescriptor/Extensions"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/SPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/SPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
@echo "Checking for entity-categories in IDPSSODescriptor that should be moved to EntityDescriptor/Extensions"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/IDPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/IDPSSODescriptor/Extensions/EntityAttributes - 2>/dev/null | grep -q entity-category ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
@echo "Checking for MDUI in EntityDescriptor/Extensions"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/Extensions/UIInfo - 2>/dev/null | grep -q . ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor/Extensions/UIInfo - 2>/dev/null | grep -q . ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
@echo "Checking for entitycategories for IdPs that should be entity-category-support"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]/AttributeValue/text()' - 2>/dev/null | grep -q http://refeds.org/category/research-and-scholarship ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
- @echo "Checking for invalid IPHint"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n 's;.*<[a-z0-9:]*IPHint>\(.*\)</[a-z0-9:]*IPHint>;\1;p' | grep -q -vE '^$$|^[0-9./a-fA-F:]*$$' ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
- @echo "Checking for invalid geodata (syntax is geo:xx.yy,zz.vv)"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n 's;.*<[a-z0-9:]*GeolocationHint>\(.*\)</[a-z0-9:]*GeolocationHint>;\1;p' | grep -q -vE '^$$|^geo:[0-9][0-9][0-9.]*,[0-9][0-9][0-9.]*$$' ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://macedir.org/entity-category"]/AttributeValue/text()' - 2>/dev/null | grep -q http://refeds.org/category/research-and-scholarship ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+
+testSimpleSign:
@echo "Check for new SP:s with SimpleSign (breaks ADFS IdP:s with Shib SP 2.5+)"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if ! grep -qx `basename $$x` sp-with-simplesign && grep -q HTTP-POST-SimpleSign $$x ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if ! grep -qx `basename $$x` sp-with-simplesign && grep -q HTTP-POST-SimpleSign $$x ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+
+testALlevel:
@echo "Check for IdP:s with AL2 without AL1"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if grep -q http://www.swamid.se/policy/assurance/al2 $$x && ! grep -q http://www.swamid.se/policy/assurance/al1 $$x ; then echo " $$x" ; fi ; done | grep . && exit 1 || true
- @echo "Check for IdP:s with Logos over http"
- @for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n '/IDPSSODescriptor/,/\/IDPSSODescriptor/p' | grep -q 'Logo .*http://' ; then echo " $$x" ; fi ; done #| grep . && exit 1 || true
-
+ @for x in `find $(SRCDIRS) -name \*.xml`; do if grep -q http://www.swamid.se/policy/assurance/al2 $$x && ! grep -q http://www.swamid.se/policy/assurance/al1 $$x ; then echo " $$x" | sed 's/.*/&/' ; fi ; done
+
+committest: test testMDUI testOrgData testEntCat testSimpleSign testALlevel testRefedsRnS testGeantCoCo
+
+deeptest: committest testMDUIreach
commit: tidy committest
@git diff --color || true
diff --git a/scripts/aggregate.sh b/scripts/aggregate.sh
index 5bc3be8c..25763dee 100755
--- a/scripts/aggregate.sh
+++ b/scripts/aggregate.sh
@@ -3,6 +3,8 @@
DIR=`pwd`
ODIR=$1
+rm $ODIR/*.xml
+
grep -v -e '^#' $ODIR/metadata.lst | (while read url cert; do
cfile=""
if [ "x$cert" != "x" ]; then
diff --git a/scripts/verify-uiinfo-urls.sh b/scripts/verify-uiinfo-urls.sh
new file mode 100755
index 00000000..b7e1f40a
--- /dev/null
+++ b/scripts/verify-uiinfo-urls.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+x=$1
+if [ ! -f "$x" ]; then
+ exit
+fi
+
+for i in `cat $x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath /EntityDescriptor//Extensions/UIInfo - 2>/dev/null |grep -E "https?://" | awk -F'[><]' '{print $3}' | sort -u`; do
+ code=`curl -L --connect-timeout 5 --retry 2 -o /dev/null --silent --head --write-out '%{http_code}\n' $i`
+ if [ $code -eq 405 ]; then
+ code=`curl -L --connect-timeout 5 --retry 2 -o /dev/null --silent --write-out '%{http_code}\n' $i`
+ fi
+ if [ $code -ne 200 ]; then
+ echo " Code $code: $x: $i" | sed 's/.*/&/'
+ fi
+done
diff --git a/swamid-2.0/dev.play.smdb.kb.se.xml b/swamid-2.0/dev.play.smdb.kb.se.xml
new file mode 100644
index 00000000..170a2c1d
--- /dev/null
+++ b/swamid-2.0/dev.play.smdb.kb.se.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://dev.play.smdb.kb.se">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/nren-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Kungliga biblioteket play</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">National Library of Sweden play</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Detta är KBs play tjänst</mdui:Description>
+ <mdui:Description xml:lang="en">This is the National Library of Sweden's streaming service</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEVzCCAz+gAwIBAgIJAOq+2tlkBMfwMA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTELMAkGA1UEChMCS0IxCzAJBgNVBAsTAktCMQswCQYDVQQDEwJLQjEcMBoGCSqGSIb3DQEJARYNZGV2ZWxvcEBrYi5zZTAeFw0xNjA2MDkwODEwMDZaFw0yNjA2MDkwODEwMDZaMHoxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTELMAkGA1UEChMCS0IxCzAJBgNVBAsTAktCMQswCQYDVQQDEwJLQjEcMBoGCSqGSIb3DQEJARYNZGV2ZWxvcEBrYi5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOnv4zK6C1XI303zO7pi4C3318mT+W/G7Qb78uKcolubdNdI7O94bvXZpRYWtbVnEO8tP7mE5trr5OQiYA1zI9sS6pKz4LNzzcs2Q1Sbvw+IJWevwzK7HMX494v/hZkkkFRl5HaWzout0EZe/etApgbd267IdJiTYNmC6IKMR0Sks84i7rZ08FfsRWHp7OCWv+9s4tXN4h0Q2XcYLMqSY80t9Kng0oxqu67ByKGJMi6xBBDjuWSVgNDexPZrFyYNPUX28uY+3gTx5OSvMS002dJWL5yIa/xgjQ0mDm4Lc5GSk2Qrdz/cVlgSkthXpWLMlWg2c/RnTrEEeo8iYGRB7U8CAwEAAaOB3zCB3DAdBgNVHQ4EFgQUZZHmd2PBa2HcGGd3KmEVLs+KEaowgawGA1UdIwSBpDCBoYAUZZHmd2PBa2HcGGd3KmEVLs+KEaqhfqR8MHoxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTELMAkGA1UEChMCS0IxCzAJBgNVBAsTAktCMQswCQYDVQQDEwJLQjEcMBoGCSqGSIb3DQEJARYNZGV2ZWxvcEBrYi5zZYIJAOq+2tlkBMfwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHhOCcoiT8M6aWts+GT5R602ZbfDXHQeBiDz1Fy8ZwQC3551UavmJ+c7NunPrhd6WWVnftRcOK12D5Y6Xu+/cH9ge1Ra0mpOjUCaznMMtTHZto6H1jkAUGIDkdEtuCgHTbsDppVvn2sH7XRZADc9idXgPX+0W+F8nN4GvYCnrC/LeKKUV+6hWDTmU4UiVRRTBiWUGV+qOAF3Rm2tLlJ5zpXG3L1KR4LBq/HzNrs7i/1kL15zDD29ok+Ovy09SHywpopB1QXNjKtL9FNROxv/DjVFyvji+zGXIkNjjqG5WfNvZcmUqg7QthSJbJcDb6mIUiYEEPF7qMgG/Zb3zpbRGEA=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEVzCCAz+gAwIBAgIJAOq+2tlkBMfwMA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTELMAkGA1UEChMCS0IxCzAJBgNVBAsTAktCMQswCQYDVQQDEwJLQjEcMBoGCSqGSIb3DQEJARYNZGV2ZWxvcEBrYi5zZTAeFw0xNjA2MDkwODEwMDZaFw0yNjA2MDkwODEwMDZaMHoxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTELMAkGA1UEChMCS0IxCzAJBgNVBAsTAktCMQswCQYDVQQDEwJLQjEcMBoGCSqGSIb3DQEJARYNZGV2ZWxvcEBrYi5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOnv4zK6C1XI303zO7pi4C3318mT+W/G7Qb78uKcolubdNdI7O94bvXZpRYWtbVnEO8tP7mE5trr5OQiYA1zI9sS6pKz4LNzzcs2Q1Sbvw+IJWevwzK7HMX494v/hZkkkFRl5HaWzout0EZe/etApgbd267IdJiTYNmC6IKMR0Sks84i7rZ08FfsRWHp7OCWv+9s4tXN4h0Q2XcYLMqSY80t9Kng0oxqu67ByKGJMi6xBBDjuWSVgNDexPZrFyYNPUX28uY+3gTx5OSvMS002dJWL5yIa/xgjQ0mDm4Lc5GSk2Qrdz/cVlgSkthXpWLMlWg2c/RnTrEEeo8iYGRB7U8CAwEAAaOB3zCB3DAdBgNVHQ4EFgQUZZHmd2PBa2HcGGd3KmEVLs+KEaowgawGA1UdIwSBpDCBoYAUZZHmd2PBa2HcGGd3KmEVLs+KEaqhfqR8MHoxCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTELMAkGA1UEChMCS0IxCzAJBgNVBAsTAktCMQswCQYDVQQDEwJLQjEcMBoGCSqGSIb3DQEJARYNZGV2ZWxvcEBrYi5zZYIJAOq+2tlkBMfwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHhOCcoiT8M6aWts+GT5R602ZbfDXHQeBiDz1Fy8ZwQC3551UavmJ+c7NunPrhd6WWVnftRcOK12D5Y6Xu+/cH9ge1Ra0mpOjUCaznMMtTHZto6H1jkAUGIDkdEtuCgHTbsDppVvn2sH7XRZADc9idXgPX+0W+F8nN4GvYCnrC/LeKKUV+6hWDTmU4UiVRRTBiWUGV+qOAF3Rm2tLlJ5zpXG3L1KR4LBq/HzNrs7i/1kL15zDD29ok+Ovy09SHywpopB1QXNjKtL9FNROxv/DjVFyvji+zGXIkNjjqG5WfNvZcmUqg7QthSJbJcDb6mIUiYEEPF7qMgG/Zb3zpbRGEA=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev.play.smdb.kb.se/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.play.smdb.kb.se/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">SMDB Play (DEV)</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">SMDB Play (DEV)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://dev.play.smdb.kb.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:SurName>Administrator</md:SurName>
+ <md:EmailAddress>saml_admin@kaltura.com</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/idp.mdh.se-idp-shibboleth.xml b/swamid-2.0/idp.mdh.se-idp-shibboleth.xml
index 44a9f6e9..f831711e 100644
--- a/swamid-2.0/idp.mdh.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.mdh.se-idp-shibboleth.xml
@@ -1,18 +1,33 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
- This is example metadata only. Do *NOT* supply it as is without review,
- and do *NOT* provide it in real time to your partners.
-
- This metadata is not dynamic - it will not change as your configuration changes.
--->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp.mdh.se/idp/shibboleth">
+ <Extensions>
+ <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+ </saml:Attribute>
+ </attr:EntityAttributes>
+ </Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope regexp="false">mdh.se</shibmd:Scope>
<mdui:UIInfo>
- <mdui:DisplayName xml:lang="en">A Name for the IdP at idp.mdh.se</mdui:DisplayName>
- <mdui:Description xml:lang="en">Enter a description of your IdP at idp.mdh.se</mdui:Description>
+ <mdui:DisplayName xml:lang="sv">Mälardalens Högskola (ny)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Mälardalen University (new)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Identity Provider för anställda och studenter vid Mälardalens högskola.</mdui:Description>
+ <mdui:Description xml:lang="en">The Mälardalen University Identity Provider is used by employees and students at the university.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://www.mdh.se</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://www.mdh.se</mdui:InformationURL>
+ <mdui:Logo height="117" width="216">https://idp.mdh.se/idp/images/logo-sv.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="117" width="216">https://idp.mdh.se/idp/images/logo-sv.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="117" width="216">https://idp.mdh.se/idp/images/logo-en.png</mdui:Logo>
+ <mdui:Keywords xml:lang="sv">mdh vasteras eskilstuna malardalen malardalen+university malardalens+hogskola mälardalens+högskola</mdui:Keywords>
+ <mdui:Keywords xml:lang="en">mdh vasteras eskilstuna malardalen malardalen+university malardalens+hogskola mälardalens+högskola</mdui:Keywords>
</mdui:UIInfo>
+ <mdui:DiscoHints>
+ <mdui:DomainHint>mdh.se</mdui:DomainHint>
+ <mdui:GeolocationHint>geo:59.6186,16.5407</mdui:GeolocationHint>
+ <mdui:GeolocationHint>geo:59.3716,16.5085</mdui:GeolocationHint>
+ </mdui:DiscoHints>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
@@ -91,11 +106,6 @@ gJxaftdRQe7zWKOr0S7Lpm02pTSgD9bTPx1RVDuoyIYO0GGn+CF9ADzfOWR4dtJ9
</KeyDescriptor>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.mdh.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.mdh.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
- <!--
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.mdh.se/idp/profile/SAML2/Redirect/SLO"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.mdh.se/idp/profile/SAML2/POST/SLO"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.mdh.se:8443/idp/profile/SAML2/SOAP/SLO"/>
- -->
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.mdh.se/idp/profile/Shibboleth/SSO"/>
@@ -182,7 +192,29 @@ gJxaftdRQe7zWKOr0S7Lpm02pTSgD9bTPx1RVDuoyIYO0GGn+CF9ADzfOWR4dtJ9
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.mdh.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
- <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.mdh.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
- <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
</AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MDH</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">Mälardalens Högskola (ny)</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">Mälardalen University (new)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mdh.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <Company>Mälardalen University</Company>
+ <SurName>Peter Falck</SurName>
+ <EmailAddress>mailto:peter.falck@mdh.se</EmailAddress>
+ <TelephoneNumber>+46 21 101499</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <Company>Mälardalen University</Company>
+ <SurName>MDH Drift</SurName>
+ <EmailAddress>mailto:drift.ita@mdh.se</EmailAddress>
+ <TelephoneNumber>+46 21 101499</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <Company>Mälardalen University</Company>
+ <SurName>Helpdesk MDH</SurName>
+ <EmailAddress>mailto:helpdesk@mdh.se</EmailAddress>
+ <TelephoneNumber>+46 16 101550</TelephoneNumber>
+ </ContactPerson>
</EntityDescriptor>
diff --git a/swamid-idp-2.0.mxml b/swamid-idp-2.0.mxml
index 2afa3ec7..c0c669e7 100644
--- a/swamid-idp-2.0.mxml
+++ b/swamid-idp-2.0.mxml
@@ -17,4 +17,5 @@
<xi:include href="swamid-2.0/weblogin.kau.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/livesrv.ex.vr.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/login.fhs.se-adfs-services-trust.xml"/>
+ <xi:include href="swamid-2.0/idp.mdh.se-idp-shibboleth.xml"/>
</md:EntitiesDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index f4fe34ba..5b4fe7b1 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -584,4 +584,5 @@
<xi:include href="swamid-2.0/connect-lab.sunet.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml"/>
<xi:include href="swamid-2.0/id.statenssc.se-adfs-services-trust.xml"/>
+ <xi:include href="swamid-2.0/dev.play.smdb.kb.se.xml"/>
</md:EntitiesDescriptor>
diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml
index 0b7bae79..a997639c 100644
--- a/swamid-testing-idp-1.0.mxml
+++ b/swamid-testing-idp-1.0.mxml
@@ -53,7 +53,6 @@
<xi:include href="swamid-2.0/shibbo3test.ltu.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.hj.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/miunidptest.miun.se-idp-shibboleth.xml"/>
- <xi:include href="swamid-2.0/idp.mdh.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.uhr.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/gihidp02.ihs.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.ita.chalmers.se-idp-shibboleth.xml"/>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 14:48:09 +0000