Merge branch 'master' of git.swamid.se:swamid-metadata

author: Leif Johansson <leifj@sunet.se> 2017-07-18 14:16:58 +0200
committer: Leif Johansson <leifj@sunet.se> 2017-07-18 14:16:58 +0200
commit: fa8e8408e2085b637cb5cc9fe88b598a8105c4ac (patch)
tree: eb218c7f8af9ee7ab706edc5f86267a5cb0e8bc4
parent: 31d375500969ff0782ceda4ab386134193a4fe00 (diff)
parent: e752af24f0310a1cabf2b71639cd0659704c8c8d (diff)
7 files changed, 137 insertions, 250 deletions
diff --git a/Makefile b/Makefile
index cbe37e44..08fa8ec3 100644
--- a/Makefile
+++ b/Makefile
@@ -156,7 +156,7 @@ testGeantCoCo:
 
 testMDUI:
 	@echo "Checking for bad lang codes"
-	@for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo "  $$x: `echo $$bad_langs`" | sed 's/.*/[1;31m&[0m/' ; fi ; done
+	@for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo "  $$x: `echo $$bad_langs`" | sed 's/.*/[1;31m&[0m/' ; fi ; done | grep . && exit 1 || exit 0
 	@echo "Check for mismatch between MDUI DisplayName and OrganizationDisplayName"
 	@for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do for lang in `cat $$x | sed -n 's/.*xml:lang="\(..\)".*/\1/p' | sort -u` ; do mdui_displayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor//UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ 	]*//;s/[ 	]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` organizationdisplayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ 	]*//;s/[ 	]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` ; if [ -n "$$mdui_displayname" -a -n "$$organizationdisplayname" -a "$$mdui_displayname" != "$$organizationdisplayname" ] ; then echo "$$x: $$lang '$$mdui_displayname' vs $$lang '$$organizationdisplayname'" | sed 's/.*/[1;31m&[0m/'; fi ; done ; done | grep . && exit 1 || true
 	@echo "Checking for uniq IdP MDUI DisplayName"
@@ -168,6 +168,10 @@ testMDUI:
 	@echo "Check for IdP:s with Logos over http"
 	@for x in `find $(SRCDIRS) -name \*.xml`; do if cat $$x | sed -n '/IDPSSODescriptor/,/\/IDPSSODescriptor/p' | grep -q 'Logo .*http://' ; then echo "  $$x" | sed 's/.*/[1;31m&[0m/' ; fi ; done
 
+testIdPinSP:
+	@echo "Check that SP:s does not define IDPSSODescriptor"
+	@for spfile in `cat swamid-sp-2.0.mxml swamid-externals-sp-2.0.xml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}'` ; do grep -q IDPSSODescriptor $$spfile && echo "  $$spfile" | sed 's/.*/[1;31m&[0m/' ; done | grep . && exit 1 || exit 0
+
 testMDUIreach:
 	@echo "Check that MDUI URLs are reachable"
 	@cat swamid-idp-2.0.mxml swamid-sp-2.0.mxml swamid-externals-sp-2.0.xml | grep -v "\.mxml$$" | grep "xi:include" | awk -F\" '{print $$2}' | \
@@ -199,7 +203,7 @@ testBadStrings:
 	@echo "Check for bad strings in metadata"
 	@for x in `find $(SRCDIRS) -name \*.xml`; do grep -E 'ServiceName xml:lang="[^"]*"/>' $$x | sed 's/^/  /' ; done | grep . && exit 1 || exit 0
 
-committest: test testMDUI testOrgData testEntCat testSimpleSign testALlevel testRefedsRnS testGeantCoCo testMetadataUsage testBadStrings
+committest: test testMDUI testOrgData testEntCat testSimpleSign testALlevel testRefedsRnS testGeantCoCo testMetadataUsage testBadStrings testIdPinSP
 
 deeptest: committest testMDUIreach
 
diff --git a/swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml b/swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml
new file mode 100644
index 00000000..a5745861
--- /dev/null
+++ b/swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml
@@ -0,0 +1,125 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://connect.eoppimispalvelut.fi/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/nren-service</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net" index="1"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net" index="2"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/ds.sunet.se"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/ds.sunet.se" index="3"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/kalmar2"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/kalmar2" index="4"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/Login/feide"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/haka.funet.fi"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/haka.funet.fi" index="5"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/Login/idp.funet.fi"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="fi">eOppimispalvelut E-Meeting Service</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">Lapland E-Meeting Service</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">Lapland E-Meeting Service</mdui:DisplayName>
+        <mdui:Description xml:lang="fi">ET eOppimispalvelut E-Meeting Service (Adobe Connect)</mdui:Description>
+        <mdui:Description xml:lang="en">An E-Meeting Service (Adobe Connect)</mdui:Description>
+        <mdui:Description xml:lang="sv">En E-Meeting Service (Adobe Connect)</mdui:Description>
+        <mdui:PrivacyStatementURL xml:lang="fi">https://portal.nordu.net/display/NORDUwiki/Adobe+Connect+Privacy+Policy</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://portal.nordu.net/display/NORDUwiki/Adobe+Connect+Privacy+Policy</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://portal.nordu.net/display/NORDUwiki/Adobe+Connect+Privacy+Policy</mdui:PrivacyStatementURL>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>connect.eoppimispalvelut.fi</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=connect.eoppimispalvelut.fi</ds:X509SubjectName>
+          <ds:X509Certificate>MIIFHzCCAwegAwIBAgIJAM/iGU5RC6ggMA0GCSqGSIb3DQEBCwUAMCYxJDAiBgNV
+BAMMG2Nvbm5lY3QuZW9wcGltaXNwYWx2ZWx1dC5maTAeFw0xNzA3MTExNDA5MDVa
+Fw0yNzA3MDkxNDA5MDVaMCYxJDAiBgNVBAMMG2Nvbm5lY3QuZW9wcGltaXNwYWx2
+ZWx1dC5maTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOrFJSEYwSrl
+GAKy6EZ1ArvYntmfOYgwsEDBwyBb3lyJh6lo0kU7pny4DkvDOeUB8zz5iTWUSUab
+j64n6Nh8sT3pMG/wd1KMKJHtiF7wA7/3mNXN5AmNLW6MC4VR5oQgjZV3Ja4de69j
+2AU0+OqfKKYq5r6PQPR68AVb4Iek8/YnDMo/3iMQTzBNBAPeR7bbXITJffFFR9gl
+z4KLlnsmLaNIyICszRcBBfN1aZdJZ4f+5kp6TDnspWdNo5SnksO+SNFyBSV83V0M
+OMf5E9e2jSF1sGkdOiFzc6QxtL98bBUYg9NErr9X1MP1kSh7WT5WaE4LGfNFScf4
+4+T5qYCHrINB5QjB2cl5NBh9riN7RImL/RzCPyH3XaNft1RhN1TJ8nVpgVirgjNy
+G1cbdFJeoqqfzlOOMwVAWCBJwiWUSr7voFsvxcHGFW/lp14czCb9cwrgT+Y37Wi2
+4vxyR9vQjd1+yojxltt3E3+8VkSCn5hR3/CuUHgwUoUgiu3yI9qrANQ/B/RsGJ5Z
+mgqGoKkTb1mQbXjxvr7pxfneFbU/TnICFBmLhCJwNK6znjaZIiPZ0076FCSjgX0j
+pWdgsRAcCYTABI/3UCG7MD+8Ysqh+WoXfO+W8KVmOgAjFxzSgn7P/MZdjAjba70O
+G/40AM0eY5jkC7KLlKL9t6h18sE6l9/jAgMBAAGjUDBOMB0GA1UdDgQWBBTTFaPz
+03n7WwFnxOlTBqWjf1KanjAfBgNVHSMEGDAWgBTTFaPz03n7WwFnxOlTBqWjf1Ka
+njAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQB5ijNlpDR7DhwT7lMp
+OvKvTtaYB+k8MJLLALxGRSgWjd7FVEa/lXBq8o45L25fHjyZkv419pr25a/rEWA+
+jjPGCYay+ivXdyrhrAE0ZlusCUi1cjEeRxL7t5B4qIBsUB2XAMuo2cNN9dTa6lkZ
+HnzIiAru9C5FSUUskwcW5Tz9FRP1yzxMXVEEl0bWfEZeiOIXD0gQqMt00+427Bqm
+q1zwwji4r7h+p6oJbEBNmCBV6IZ+9rpDHW+Cza61loIPGf8QwuLPBBFsWajBws7g
+1WtiGmEv8Kr8u2zqNaQkwvuRE3hLjGch+TP+zESRDM7wjHNsx0YU123hPnwhKeHN
+Z7Qx1MIBShQCagZdb/m+wHmuQ2Cwzh5cySdzTvhcJKka5XpdygXLFP2aOrRCc2Z0
+Xf8USeIYX4iLde56FvkfDYn7ATr7spbWotn8BJn3rWuK/Zsx8HMcOkqwGK03gUg3
+HDrUiFxeXBtdPGAlcbFoNPRVECfSkyzDL7RqvU/e/O7FDfNK8FYRNZ0SdCV/1ITZ
+I695b+MfI3EQfDkg2j2/XOi+yyNfwgrkf4oAFNC31Cc2puXsfWb1pVIEmQG7ovfm
+gAhzBP0snGc/6uQ8gK9u+l6PCRiuGBuWzN/uwlIxMdEdAJ9bEHVe06u5TGU0Hxvo
+YsO5+6eqWfrGgcbrEy6s5qH2VA==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">NORDUnet</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">NORDUnet A/S</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.nordu.net</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="administrative">
+    <md:GivenName>Harri</md:GivenName>
+    <md:SurName>Kuusisto</md:SurName>
+    <md:EmailAddress>mailto:harri.kuusisto@csc.fi</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="technical">
+    <md:Company>NORDUnet NOC</md:Company>
+    <md:EmailAddress>mailto:noc@nordu.net</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="support">
+    <md:GivenName>Vesa</md:GivenName>
+    <md:SurName>Savolainen</md:SurName>
+    <md:EmailAddress>mailto:Vesa.Savolainen@csc.fi</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml b/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml
index 781c72e6..b98eefc0 100644
--- a/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml
+++ b/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml
@@ -664,9 +664,9 @@
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <Extensions>
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-        <mdui:DisplayName xml:lang="sv">Linköping University Test (ADFS)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">Linköpings universitet Test (ADFS)</mdui:DisplayName>
         <mdui:DisplayName xml:lang="en">Linköping University Test (ADFS)</mdui:DisplayName>
-        <mdui:Description xml:lang="sv">Linköping University Test (ADFS)</mdui:Description>
+        <mdui:Description xml:lang="sv">Linköpings universityet Test (ADFS)</mdui:Description>
         <mdui:Description xml:lang="en">Linköping University Test (ADFS)</mdui:Description>
         <mdui:Keywords xml:lang="sv">LIU Linköping+University</mdui:Keywords>
         <mdui:Keywords xml:lang="en">LIU Linköping+University</mdui:Keywords>
@@ -768,9 +768,9 @@
     <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/extensionAttribute8" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="extensionAttribute8"/>
   </IDPSSODescriptor>
   <Organization>
-    <OrganizationName xml:lang="sv-SE">Linköpings universitet</OrganizationName>
-    <OrganizationDisplayName xml:lang="sv-SE">Linköpings universitet</OrganizationDisplayName>
-    <OrganizationURL xml:lang="sv-SE">https://www.liu.se/</OrganizationURL>
+    <OrganizationName xml:lang="sv">Linköpings universitet</OrganizationName>
+    <OrganizationDisplayName xml:lang="sv">Linköpings universitet Test (ADFS)</OrganizationDisplayName>
+    <OrganizationURL xml:lang="sv">https://www.liu.se/</OrganizationURL>
   </Organization>
   <ContactPerson contactType="support">
     <GivenName>Johan</GivenName>
diff --git a/swamid-2.0/id.statenssc.se-adfs-services-trust.xml b/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
index c372afb5..64bd601e 100644
--- a/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
+++ b/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
@@ -710,104 +710,6 @@
     <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://id.statenssc.se/adfs/ls/" index="1"/>
     <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://id.statenssc.se/adfs/ls/" index="2"/>
   </SPSSODescriptor>
-  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <KeyDescriptor use="encryption">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIC4DCCAcigAwIBAgIQTJDRE11esadK2AHqvGUBATANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZC5zdGF0ZW5zc2Muc2UwHhcNMTQwOTA3MjEyNzQxWhcNMTkwOTA3MjEyNzQxWjAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI9BftUUS6LbxyhTUbpziaaY+7WyOKUXkHguFyFiL6nSdAn4R14TuJFug8uJCCRY6UEcEAn18QWgW1FvUyf7Zbzpu+U0XGq4QRy+GTbCIWeLmQAc9QFAjbOSqv7TMkgHg2Jo46L8/0ttgr+olPYTO454Ft7XuOm27WasCxrYxOo7tTd3w1YXz9CUtVxdnKPf3stxa+3RqlatrKansieOnI6YbStnhdM42l4S0cSer4Eu5SOakpFQH/BSdNrVV0knQih7seyhv6TmeK0bCYWriPS4lAAPJ8sllzWDQmhX7w8HJB8DFtMdHG4lrmahH3r7uUd/2+uzHjAWBhu2xq80uZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBALFrJzyXfTeY2jyFWVq9jDjxQCm7D6oMipzbn2auPNku5HeUtQaKrnxjp3HFGFkeHMw2WxCo+n2UUsGEnSm4MiszNfHinkVu7KnHxMp3CnkfS6NMWyyGZQ/Sfi71ubMHmEsQrv4GJX4Mcvw4yaI/Ae59IQeUSBLPNzcsvYBtwq3EM/vSwAQpD1PNZEwh8/B/8BsutnvbAEExlUtU9EKxzUX4xl1SNnvDKIMEVue4Qm8DrjhEuLl/8uImfHPCnHcqN4tEe6gJoxBw767istcZmNLTYcJkCEMkL79vetgFad8UZWjJyaUCj16S2bd8w3NlXrb26a1iFj0Fxx9+p7QOSxE=</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <KeyDescriptor use="signing">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIC2jCCAcKgAwIBAgIQNiJSeyIIjZNIgrCFtM7wjzANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZC5zdGF0ZW5zc2Muc2UwHhcNMTQwOTA3MjEyNzQzWhcNMTkwOTA3MjEyNzQzWjApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvyasbdU+qo4Km/Ci2Y4dQynGCmV4N7mhiGZfZy4NGXJLAxY5a93M7pVHSanprju2M1IiwOu0TM7yR7glBW5kgry8G0/qwIEkcB0NtyDnSfF9qpVcwL7SQUL+pcVSRzOIMYaCHr3uydSkqfenSpCo2pQskT4fI3H6WuIt+ssttqzjh107bjfO7jaywV4VsvT6hx2j1PhW9H3h6c1ax6aMSRhBEcutS/SQ4JvULdcM/yITMs+YfN+5uRDUy2OpwPuXNTeNZ6N5lNH/zUCGdVCiz0GP5t6n6591u6vfo62PaIOLvKjmDpyhZEKBXnei2ccZiv01ErQn1U1EjUj3NG9MFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFZAIg+ngKrFMBkD6dD3THPK8ky0FxH7hCSASthn1PdIRQCorKIemqglV8yc+hadK+jK6//vc0xRk102Ku6t3T1ThWlTZluJt/WcZ1hb1p+hq3ZaxLSZkzEiu5G2xCPsAXg3QBQO1JyW8j+VnT4ls+wm/QQyG96W42O7bws7b6GWKsmfJNQgbrZDAxFuXKcO8jTP6iqXoRUARSHCe1sUBP+vqKZXE1Pgvwdvo69tqmK3uIUPDlj7cPCs1y01xiPw4qhPzLYyW60epOaGvC2yy4ecsGV9F1NAIbNFU+V2Gdu91bKYAqTt+bNUBMc9ikKy0R84W9Gqj8/vlys8IL5IIWU=</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://id.statenssc.se/adfs/ls/"/>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://id.statenssc.se/adfs/ls/"/>
-    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://id.statenssc.se/adfs/ls/"/>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://id.statenssc.se/adfs/ls/"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/organisationsnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/personnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Efternamn OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Förnamn OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/hermes" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Hermes kod"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-post OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/myndighet" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Myndighet"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/useridnoprefix" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UserId No Prefix"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
-  </IDPSSODescriptor>
   <Organization>
     <OrganizationName xml:lang="sv">Statens Servicecenter</OrganizationName>
     <OrganizationDisplayName xml:lang="sv">Ekonomi- och lönetjänster för anställda på svenska myndigheter</OrganizationDisplayName>
diff --git a/swamid-2.0/konto.hig.se-443-idm.xml b/swamid-2.0/konto.hig.se-443-idm.xml
index 6efa2157..55e80928 100644
--- a/swamid-2.0/konto.hig.se-443-idm.xml
+++ b/swamid-2.0/konto.hig.se-443-idm.xml
@@ -70,56 +70,6 @@ toK8L6pqaFCbNOcoCOFIF37SX7skdyefXRiYXwy8Ut7sS211qtLu8w==</ds:X509Certificate>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://konto.hig.se:443/idm/login/saml/SSO" index="0" isDefault="true"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hig.se:443/idm/login/saml/SSO" index="1"/>
   </md:SPSSODescriptor>
-  <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <md:KeyDescriptor use="signing">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:X509Data>
-          <ds:X509Certificate>MIIC0DCCAbigAwIBAgIJAJEQFd5GvH6uMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNVBAMTA2lkbTAe
-Fw0xNzAzMTUwOTU5NTRaFw0yNzAzMTMwOTU5NTRaMA4xDDAKBgNVBAMTA2lkbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKND+/+j5dw8lVvCDVB3kmEpsm7Y3Eg+CXcBowsbrUChssqa
-Knnni77xnpfGV2wruaTIP72wAoMJhM5ZU8rnydQkOs3SagZiajcmZ4WwYpZTfYXQ5Ct7I5bK7NFM
-NhjBc0/Nw0fg+49KhdCN+G3BIRXD9hHF1No0kcqVY4TBj2zDuZc4UJh5xBgaqLwjFdJgq7R+T/by
-55YDpZHFg9qLOPNuxBj45ZFL1IiZdX6MWhrJiFEEHOXu0UX1YTD9qWuN5c5Pu9UzBT5A/2F2Wb0r
-GQOwb8xBg3K6bW7/MK5iSnd9ZHQB4JxUhv6ZNJoTz61QMG74R4HEK/Ec4wxid2OjD8MCAwEAAaMx
-MC8wDgYDVR0RBAcwBYIDaWRtMB0GA1UdDgQWBBSvXwTfFmPlpW3GtcMWCEZHVfNEiDANBgkqhkiG
-9w0BAQUFAAOCAQEAFXWOymh7+gGFJPCB0X/WEZZZsW2a02WpB5b3i8XhrqhuWLZvHtw2wjFeW+6N
-cIVc245Q9XCuHJ8eBqgMFeUbKjJ1W4ErZErhhLzWSkemhx4lnCtk5f7L9ZQQXhCSv+jyzS186N4a
-qm9tCcYZrwmpn+zLlwzgmbe3MQfhCP2r1jDC05ALoExL1hNroBz/VwicR11XOZ17zPK1OYwP4ih8
-TnvGP4OWdlxveTP0xwoTTi3lDHoJpzBUHZtZC80w+OuBosPBaq2e2z2UgLOJ25/od3Pue+gfuNmn
-toK8L6pqaFCbNOcoCOFIF37SX7skdyefXRiYXwy8Ut7sS211qtLu8w==</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </md:KeyDescriptor>
-    <md:KeyDescriptor use="encryption">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:X509Data>
-          <ds:X509Certificate>MIIC0DCCAbigAwIBAgIJAJEQFd5GvH6uMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNVBAMTA2lkbTAe
-Fw0xNzAzMTUwOTU5NTRaFw0yNzAzMTMwOTU5NTRaMA4xDDAKBgNVBAMTA2lkbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKND+/+j5dw8lVvCDVB3kmEpsm7Y3Eg+CXcBowsbrUChssqa
-Knnni77xnpfGV2wruaTIP72wAoMJhM5ZU8rnydQkOs3SagZiajcmZ4WwYpZTfYXQ5Ct7I5bK7NFM
-NhjBc0/Nw0fg+49KhdCN+G3BIRXD9hHF1No0kcqVY4TBj2zDuZc4UJh5xBgaqLwjFdJgq7R+T/by
-55YDpZHFg9qLOPNuxBj45ZFL1IiZdX6MWhrJiFEEHOXu0UX1YTD9qWuN5c5Pu9UzBT5A/2F2Wb0r
-GQOwb8xBg3K6bW7/MK5iSnd9ZHQB4JxUhv6ZNJoTz61QMG74R4HEK/Ec4wxid2OjD8MCAwEAAaMx
-MC8wDgYDVR0RBAcwBYIDaWRtMB0GA1UdDgQWBBSvXwTfFmPlpW3GtcMWCEZHVfNEiDANBgkqhkiG
-9w0BAQUFAAOCAQEAFXWOymh7+gGFJPCB0X/WEZZZsW2a02WpB5b3i8XhrqhuWLZvHtw2wjFeW+6N
-cIVc245Q9XCuHJ8eBqgMFeUbKjJ1W4ErZErhhLzWSkemhx4lnCtk5f7L9ZQQXhCSv+jyzS186N4a
-qm9tCcYZrwmpn+zLlwzgmbe3MQfhCP2r1jDC05ALoExL1hNroBz/VwicR11XOZ17zPK1OYwP4ih8
-TnvGP4OWdlxveTP0xwoTTi3lDHoJpzBUHZtZC80w+OuBosPBaq2e2z2UgLOJ25/od3Pue+gfuNmn
-toK8L6pqaFCbNOcoCOFIF37SX7skdyefXRiYXwy8Ut7sS211qtLu8w==</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </md:KeyDescriptor>
-    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://konto.hig.se:443/idm/profile/SAML2/SOAP/ArtifactResolution" index="1" isDefault="true"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hig.se:443/idm/profile/SAML2/POST/SLO"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://konto.hig.se:443/idm/profile/SAML2/Redirect/SLO"/>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>
-    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hig.se:443/idm/profile/SAML2/POST/SSO"/>
-    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://konto.hig.se:443/idm/profile/SAML2/Redirect/SSO"/>
-  </md:IDPSSODescriptor>
   <md:ContactPerson contactType="administrative">
     <md:GivenName>Mona</md:GivenName>
     <md:SurName>Åkerman</md:SurName>
diff --git a/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml b/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
index 971465f2..d4b9cb89 100644
--- a/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
+++ b/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
@@ -677,101 +677,6 @@
     <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://te-id.statenssc.se/adfs/ls/" index="1"/>
     <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://te-id.statenssc.se/adfs/ls/" index="2"/>
   </SPSSODescriptor>
-  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <KeyDescriptor use="encryption">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIC5jCCAc6gAwIBAgIQZmLOGQ7D65NBAKMx53MHTzANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwHhcNMTUwMTEyMTEyOTE0WhcNMjAwMTEyMTEyOTE0WjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/CAXk68VfTOgI12msQPBLuSgUsfMwZYXqBWmBIty2m9HOjbYOMdydFUDihuVEJkNq6OkWrhBs5phBdnEQ2v0aDjXdzp6tVq+h5Kc6508CVUeDDoxE1G4pbylFAZrHMUfVikDKiPlXWkKN2Po7vX6hyKVjUGLLvS42U1DsT98onQNiNsK/XBxddwjFYROCc6dTjx1Y43RTFhR9ycK46Z1PZSHAEIETl4xIqNhLPeGmgdPBtqV4wyk3kidTq2kUbBBjay2i6at/Kq++IM+ZaJpONGGeI02od1BpvNIC8MxnUj7MOWtzucE7R2uWvfjMFbl+NwWly4PaMRpzeCaIbCRfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAG2y79ay8DN3Lt+Yp+gOtV/FunIZP1Rd1dMBooyoe8Zs/kkddGq6ABIQUwHoddu1Zcjnpa65NWMCO148HjQxcsggX6RXTSevWIUlpWcI95uJkGJpwiMQCcvctMuV3sxIZXezIj5SZcaSNJP+lxhrR2kB4FDf2P0i64YLZvBLmyWG+cuIw5qG8vC44VmPJ8W/dKb50SPHRgLEk2r5EAm3uYCcMvyyT0D4T+xPq+m54mII1Q0P+3irhxqXh4E7a9dI7PrYWqDth9KQtsoRiZveTFqlV4N9DCL9yGbJAyTc7jqDrjSIr2/Koek3PQBI5XO27aLOyhMjYoyYtCv/U96Hbe0=</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <KeyDescriptor use="signing">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIC4DCCAcigAwIBAgIQPI5QFpf7V4VNKPr18lyOpjANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwHhcNMTUwMTEyMTEyOTE5WhcNMjAwMTEyMTEyOTE5WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZS1pZC5zdGF0ZW5zc2Muc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFcAvIAF5haM4s9A7ovFPZnOK0OOV3z62JUfIh7K3mwlL3ff0+PoTBc2zB62uoEq9vpDtIqa/8tP4f8qD2KlflZB6dTwh/N/aKP+w3B+TdpOklH/+/LKsURnO84wqu6XvpznRpO2ZbSE9G0YKOgcCntmKGGVwfINu5PMMBAKFq2VpuUIkdbyn5S7LVpDjggI/4zNtfF+qDij7mAhE5maexf7rLmQvLj9sDAI+tlTAchoNOMSpsBffhIM7jly/97SQWcGePH2+cg68SjxFixGbDteTHwTtAKJr0Gn0HJdK23gUhua95HgZjVodb+oIfQToUOSnxf6Ft+WjxxI+fjQSRAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKSdqKTbL0DJheNn0dti+oy7z1Y1nPCZx9y3FGTkIesHmh/+cLZmw8rmXdYXi1JsUh3ybwHUSpRY1dYn6Pg34RAPXKzNwOGjFZ6RZ6OTdoloh+hq30efkO0CDYk5xOfBL9Jq686pp+AOGQyYOUZhWz1eocjptzr9Vzspi5BiNNt0y3D42dZz4ebOq89vQRo7+T0Y+t+3Iued8iMolwntCCBuE5TMhYjYjPDGFpF8vQRRJESXa2w5WX/vqq5gZ5G1uHRC5tNngyNtbKzBsu4yq+F7cp+HcxAu9jeYzHHegLn+VO+NRSzc59wZjX3m+g6BeXiv55GXWl31DFf9aEaT6rY=</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://te-id.statenssc.se/adfs/ls/"/>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://te-id.statenssc.se/adfs/ls/"/>
-    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://te-id.statenssc.se/adfs/ls/"/>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://te-id.statenssc.se/adfs/ls/"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-post OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Förnamn OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Efternamn OID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/personnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Personnummer"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/organisationsnummer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Organisationsnummer"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/myndighet" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Myndighet"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://statenssc.se/claims/hermes" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Hermes kod"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.5.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="member"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/>
-  </IDPSSODescriptor>
   <Organization>
     <OrganizationName xml:lang="sv">Statens Servicecenter</OrganizationName>
     <OrganizationDisplayName xml:lang="sv">Ekonomi- och lönetjänster för anställda på svenska myndigheter (test)</OrganizationDisplayName>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 021de365..a733ac46 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -658,4 +658,5 @@
   <xi:include href="swamid-2.0/se.timeedit.net-ki.xml"/>
   <xi:include href="swamid-2.0/pptest.hj.se-Shibboleth-sso.xml"/>
   <xi:include href="swamid-2.0/pingpong.ju.se-Shibboleth-sso.xml"/>
+  <xi:include href="swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml"/>
 </md:EntitiesDescriptor>
author	Leif Johansson <leifj@sunet.se>	2017-07-18 14:16:58 +0200
committer	Leif Johansson <leifj@sunet.se>	2017-07-18 14:16:58 +0200
commit	fa8e8408e2085b637cb5cc9fe88b598a8105c4ac (patch)
tree	eb218c7f8af9ee7ab706edc5f86267a5cb0e8bc4
parent	31d375500969ff0782ceda4ab386134193a4fe00 (diff)
parent	e752af24f0310a1cabf2b71639cd0659704c8c8d (diff)