Add new IdPs for HiG and HiS to production metadata, hidden

author: Paul Scott <paul.scott@kau.se> 2016-11-17 13:52:23 +0100
committer: Paul Scott <paul.scott@kau.se> 2016-11-17 13:52:23 +0100
commit: 51d656cdee6579dc37e5486a075964937aa9d0ea (patch)
tree: 1136516d912f2fd5c632f28faf1147db167c04e4
parent: 846509dccee195ba39a2a7d8e319bfd12d653fa0 (diff)
4 files changed, 105 insertions, 21 deletions
diff --git a/swamid-2.0/idp2.his.se-idp-shibboleth.xml b/swamid-2.0/idp2.his.se-idp-shibboleth.xml
index a31ba2b3..42603a03 100644
--- a/swamid-2.0/idp2.his.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp2.his.se-idp-shibboleth.xml
@@ -1,19 +1,38 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-     This is example metadata only. Do *NOT* supply it as is without review,
-     and do *NOT* provide it in real time to your partners.
-
-     This metadata is not dynamic - it will not change as your configuration changes.
--->
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp2.his.se/idp/shibboleth">
+  <Extensions>
+    <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+      </saml:Attribute>
+    </attr:EntityAttributes>
+  </Extensions>
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
     <Extensions>
       <shibmd:Scope regexp="false">his.se</shibmd:Scope>
       <mdui:UIInfo>
-        <mdui:DisplayName xml:lang="en">Shib 3 University of Skövde</mdui:DisplayName>
-        <mdui:Description xml:lang="en">Shib 3 Identity Provider for University of Skövde</mdui:Description>
-        <mdui:Logo height="80" width="80">https://idp2.his.se/idp/images/ny_his_logo.png</mdui:Logo>
+        <mdui:DisplayName xml:lang="sv">Högskolan i Skövde (ny)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">University of Skövde (new)</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Identity Provider för Högskolan i Skövde</mdui:Description>
+        <mdui:Description xml:lang="en">Identity Provider for University of Skövde</mdui:Description>
+        <mdui:InformationURL xml:lang="sv">http://www.his.se</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="en">http://www.his.se/en/</mdui:InformationURL>
+        <mdui:Logo height="196" width="193">https://idp.his.se/his_eng_rubin.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" height="196" width="206">https://idp.his.se/his_se_rubin.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" height="196" width="193">https://idp.his.se/his_eng_rubin.png</mdui:Logo>
+        <mdui:Keywords xml:lang="sv">skövde his</mdui:Keywords>
+        <mdui:Keywords xml:lang="en">skövde his</mdui:Keywords>
       </mdui:UIInfo>
+      <mdui:DiscoHints>
+        <mdui:DomainHint>his.se</mdui:DomainHint>
+        <mdui:IPHint>193.10.176.0/21</mdui:IPHint>
+        <mdui:IPHint>193.10.184.0/23</mdui:IPHint>
+        <mdui:IPHint>193.11.96.0/22</mdui:IPHint>
+        <mdui:IPHint>212.25.128.0/23</mdui:IPHint>
+        <mdui:IPHint>212.25.134.0/23</mdui:IPHint>
+        <mdui:GeolocationHint>geo:58.39,13.85</mdui:GeolocationHint>
+        <mdui:GeolocationHint>geo:58.39412,13.85542</mdui:GeolocationHint>
+      </mdui:DiscoHints>
     </Extensions>
     <KeyDescriptor use="signing">
       <ds:KeyInfo>
@@ -92,11 +111,6 @@ lydgJ83mLCTu9Bueh30Fp3aQ64DAHbCABkgW
     </KeyDescriptor>
     <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.his.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
     <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.his.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
-    <!--
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp2.his.se/idp/profile/SAML2/Redirect/SLO"/>
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp2.his.se/idp/profile/SAML2/POST/SLO"/>
-        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.his.se:8443/idp/profile/SAML2/SOAP/SLO"/>
-        -->
     <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
     <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
     <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp2.his.se/idp/profile/Shibboleth/SSO"/>
@@ -183,7 +197,29 @@ lydgJ83mLCTu9Bueh30Fp3aQ64DAHbCABkgW
       </ds:KeyInfo>
     </KeyDescriptor>
     <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.his.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
-    <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.his.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
-    <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
   </AttributeAuthorityDescriptor>
+  <Organization>
+    <OrganizationName xml:lang="en">HIS</OrganizationName>
+    <OrganizationDisplayName xml:lang="sv">Högskolan i Skövde (ny)</OrganizationDisplayName>
+    <OrganizationDisplayName xml:lang="en">University of Skövde (new)</OrganizationDisplayName>
+    <OrganizationURL xml:lang="en">http://www.his.se</OrganizationURL>
+  </Organization>
+  <ContactPerson contactType="administrative">
+    <Company>University of Skövde</Company>
+    <SurName>HiS Netadmin</SurName>
+    <EmailAddress>mailto:netadmin@his.se</EmailAddress>
+    <TelephoneNumber>+46 500 448800</TelephoneNumber>
+  </ContactPerson>
+  <ContactPerson contactType="technical">
+    <Company>University of Skövde</Company>
+    <SurName>HiS Netadmin</SurName>
+    <EmailAddress>mailto:netadmin@his.se</EmailAddress>
+    <TelephoneNumber>+46 500 448800</TelephoneNumber>
+  </ContactPerson>
+  <ContactPerson contactType="support">
+    <Company>University of Skövde</Company>
+    <SurName>IT Helpdesk Högskolan i Skövde</SurName>
+    <EmailAddress>mailto:helpdesk@his.se</EmailAddress>
+    <TelephoneNumber>+46 500 448800</TelephoneNumber>
+  </ContactPerson>
 </EntityDescriptor>
diff --git a/swamid-2.0/idp3.hig.se-idp-shibboleth.xml b/swamid-2.0/idp3.hig.se-idp-shibboleth.xml
index 312b4ee9..ffdf049b 100644
--- a/swamid-2.0/idp3.hig.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp3.hig.se-idp-shibboleth.xml
@@ -1,13 +1,37 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp3.hig.se/idp/shibboleth">
+  <Extensions>
+    <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+      </saml:Attribute>
+    </attr:EntityAttributes>
+  </Extensions>
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
     <Extensions>
       <shibmd:Scope regexp="false">hig.se</shibmd:Scope>
       <mdui:UIInfo>
-        <mdui:DisplayName xml:lang="en">HiG Test idp3.hig.se</mdui:DisplayName>
-        <mdui:Description xml:lang="en">Enter a description of your IdP at idp3.hig.se</mdui:Description>
-        <mdui:Logo height="80" width="80">https://idp3.hig.se/Path/To/Logo.png</mdui:Logo>
+        <mdui:DisplayName xml:lang="sv">Högskolan i Gävle (ny)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">University of Gävle (new)</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Identity Provider för anställda och studenter vid Högskolan i Gävle.</mdui:Description>
+        <mdui:Description xml:lang="en">The University of Gävle Identity Provider is used by employees and students at the university.</mdui:Description>
+        <mdui:Logo height="94" width="83">https://webkonto.student.hig.se/head/loggaengelska.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" height="94" width="83">https://webkonto.student.hig.se/head/logga3.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" height="94" width="83">https://webkonto.student.hig.se/head/loggaengelska.png</mdui:Logo>
+        <mdui:Keywords xml:lang="sv">gävle gavle hig</mdui:Keywords>
+        <mdui:Keywords xml:lang="en">gävle gavle hig</mdui:Keywords>
       </mdui:UIInfo>
+      <mdui:DiscoHints>
+        <mdui:DomainHint>hig.se</mdui:DomainHint>
+        <mdui:IPHint>130.243.0.0/20</mdui:IPHint>
+        <mdui:IPHint>193.11.48.0/20</mdui:IPHint>
+        <mdui:IPHint>193.10.163.0/24</mdui:IPHint>
+        <mdui:IPHint>2001:6b0:23::/48</mdui:IPHint>
+        <mdui:GeolocationHint>geo:60.6692,17.1191</mdui:GeolocationHint>
+      </mdui:DiscoHints>
     </Extensions>
     <KeyDescriptor use="signing">
       <ds:KeyInfo>
@@ -173,4 +197,28 @@ uSUv8QvuQcOa9kYsSNH4o1+qTVp8mrFCghss
     </KeyDescriptor>
     <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp3.hig.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
   </AttributeAuthorityDescriptor>
+  <Organization>
+    <OrganizationName xml:lang="en">HIG</OrganizationName>
+    <OrganizationDisplayName xml:lang="sv">Högskolan i Gävle (ny)</OrganizationDisplayName>
+    <OrganizationDisplayName xml:lang="en">University of Gävle (new)</OrganizationDisplayName>
+    <OrganizationURL xml:lang="en">http://www.hig.se</OrganizationURL>
+  </Organization>
+  <ContactPerson contactType="administrative">
+    <Company>University of Gävle</Company>
+    <SurName>Network Operations</SurName>
+    <EmailAddress>mailto:nat@hig.se</EmailAddress>
+    <TelephoneNumber>+46 26 648500</TelephoneNumber>
+  </ContactPerson>
+  <ContactPerson contactType="technical">
+    <Company>University of Gävle</Company>
+    <SurName>Operations</SurName>
+    <EmailAddress>mailto:nat@hig.se</EmailAddress>
+    <TelephoneNumber>+46 26 648500</TelephoneNumber>
+  </ContactPerson>
+  <ContactPerson contactType="support">
+    <Company>University of Gävle</Company>
+    <SurName>IT Support</SurName>
+    <EmailAddress>mailto:itsupport@hig.se</EmailAddress>
+    <TelephoneNumber>+46 26 648500</TelephoneNumber>
+  </ContactPerson>
 </EntityDescriptor>
diff --git a/swamid-idp-2.0.mxml b/swamid-idp-2.0.mxml
index 6d6735d2..41aa1c39 100644
--- a/swamid-idp-2.0.mxml
+++ b/swamid-idp-2.0.mxml
@@ -15,4 +15,6 @@
   <xi:include href="swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml"/>
   <xi:include href="swamid-2.0/idp.suni.se-adfs-services-trust.xml"/>
   <xi:include href="swamid-2.0/idp2.rkh.se-idp-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/idp3.hig.se-idp-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/idp2.his.se-idp-shibboleth.xml"/>
 </md:EntitiesDescriptor>
diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml
index f3aa6927..781c6e96 100644
--- a/swamid-testing-idp-1.0.mxml
+++ b/swamid-testing-idp-1.0.mxml
@@ -54,12 +54,10 @@
   <xi:include href="swamid-2.0/shib-test02.skolfederation.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp2.it.gu.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/nya-00.ladok.umu.se-idp-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/idp2.his.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/weblogin.test.uu.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp01.gih.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/testswamid.vr.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp2.rkh.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/weblogin-test.kau.se-idp-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/idp3.hig.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/rikards-idp.omv.lu.se-idp-shibboleth.xml"/>
 </EntitiesDescriptor>
author	Paul Scott <paul.scott@kau.se>	2016-11-17 13:52:23 +0100
committer	Paul Scott <paul.scott@kau.se>	2016-11-17 13:52:23 +0100
commit	51d656cdee6579dc37e5486a075964937aa9d0ea (patch)
tree	1136516d912f2fd5c632f28faf1147db167c04e4
parent	846509dccee195ba39a2a7d8e319bfd12d653fa0 (diff)