Merge branch 'master' of md-master.swamid.se:swamid-metadata

author: Leif Johansson <leifj@sunet.se> 2017-03-17 11:07:43 +0100
committer: Leif Johansson <leifj@sunet.se> 2017-03-17 11:07:43 +0100
commit: fd23bc1a89d37659a3c9ef19a6df32603fc07d1d (patch)
tree: f23fb6a53294490f8fa5fec08f4875bb2bc4410d
parent: 10e80ec290debb91e8bc8fa9510515e802dce2cd (diff)
parent: ee43e95506d0222198ce29d8c700cb47a5421777 (diff)
10 files changed, 224 insertions, 29 deletions
diff --git a/scripts/get-metadata.sh b/scripts/get-metadata.sh
index 88938b61..efc73c7d 100755
--- a/scripts/get-metadata.sh
+++ b/scripts/get-metadata.sh
@@ -22,6 +22,13 @@ EOF
 	exit 1
 fi
 
+script_cwd=`dirname "$0"`
+if test -d swamid-2.0 ; then
+	echo "Moving into swamid-2.0/"
+	cd swamid-2.0
+	echo "$script_cwd" | grep -q ^/ || script_cwd=../$script_cwd
+fi
+
 if echo "$metadataurl" | grep -qE '^http://|^https://' ; then
 	metadata=`curl -s -k -f "$metadataurl"`
 elif echo "$metadataurl" | grep -qE '^reep:' ; then
@@ -48,19 +55,47 @@ entityid=`echo "$metadata" | sed -n 's/.*entityID=['\''"]\([^"]*\)['\''"].*/\1/p
 entityidfn=`echo "$entityid" | sed 's;https*://;;' | tr 'A-Z' 'a-z' | sed 's;/$;;' | sed 's/[^a-z0-9_.-]/-/g' | sed 's/\.xml$//;s/$/.xml/'`
 [ -n "$entityidfn" ] || error "Failed to generate filename from entityid $entityid"
 
-if [ -r "$entityidfn" ] ; then
-	echo -n "Replace $entityidfn with metadata [Y/n]? "
-else
+[ -r "$entityidfn" ] && new=false || new=true
+if $new ; then
 	echo -n "Save metadata into $entityidfn [Y/n]? "
+else
+	echo -n "Replace $entityidfn with metadata [Y/n]? "
 fi
 read x
 case $x in
 	Y|y|"")
+		if $new ; then
+			echo -n "Add swamid-2.0/$entityidfn to swamid-sp-2.0.mxml [Y/n]? "
+			read x
+			case $x in
+				Y|y|"")
+					sed -i "s;^</md:EntitiesDescriptor>;  <xi:include href=\"swamid-2.0/$entityidfn\"/>\n&;" ../swamid-sp-2.0.mxml
+					echo --
+					tail -n 10 ../swamid-sp-2.0.mxml | sed 's/^/  /'
+					echo --
+					;;
+				*)
+					echo "Not added"
+					;;
+			esac
+		fi
+
 		echo "$metadata" > $entityidfn
 		tmp=`mktemp`
-		xsltproc `dirname $0`/../xslt/clean-entitydescriptor.xsl ${entityidfn} > ${tmp} && mv ${tmp} ${entityidfn}
+		xsltproc $script_cwd/../xslt/clean-entitydescriptor.xsl ${entityidfn} > ${tmp} && mv ${tmp} ${entityidfn}
 
-		echo $entityidfn
+		if $new ; then
+			echo -n "Add swamid-2.0/$entityidfn to git [Y/n]? "
+			read x
+			case $x in
+				Y|y|"")
+					git add $entityidfn
+					;;
+				*)
+					echo "Not added"
+					;;
+			esac
+		fi
 		;;
 	*)
 		echo "Nothing done"
diff --git a/swamid-2.0/eduroamkonto.kau.se.xml b/swamid-2.0/eduroamkonto.kau.se.xml
new file mode 100644
index 00000000..34b4b890
--- /dev/null
+++ b/swamid-2.0/eduroamkonto.kau.se.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://eduroamkonto.kau.se">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://eduroamkonto.kau.se/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://eduroamkonto.kau.se/Shibboleth.sso/Login" index="1"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">eduroam kontohantering - Karlstads universitet</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">eduroam account management - Karlstad University</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Denna tjänst är till KAU anställda för återställning av eduroam lösenord</mdui:Description>
+        <mdui:Description xml:lang="en">This service allows KAU employees to reset their eduroam password</mdui:Description>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>eduroamkonto.kau.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=eduroamkonto.kau.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEADCCAmigAwIBAgIJAM8tIubXd3gYMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV
+BAMTE2VkdXJvYW1rb250by5rYXUuc2UwHhcNMTcwMzE1MTIzNjU4WhcNMjcwMzEz
+MTIzNjU4WjAeMRwwGgYDVQQDExNlZHVyb2Fta29udG8ua2F1LnNlMIIBojANBgkq
+hkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAx7rpQNMClyCqWSgr0/Cm0k6x8p5csVDh
+bcDQp4R4FntO7zOp4I7+0UzMIoxV7kZydYMm/0QDB/8/Xr6VEDSRXjcUK3YTpwm+
+kjZ+bSR/ZzgHH7tAAJ6pB+T4RRm0zfhRVOzHWfrJtOsH7LOh8Ie1LoSpe0yRaa4o
+MhSjTGKg4lSMtt/YGNvVluQMci9LZM+s5LeodsJ7DFSvE9BI7eLw70uyCugETTT3
+LpPvanUbzagAgBc8gSolRDM0ioQc4CgAug6JrRFdB8N3BdkAhZhsQM6AnLW17wKE
+WmzCP1Q8BQ/I0Ni6AVWd1BI92+5TmGbWxWh6zhVghcAJJw5EKQMy5xItwx4ua3ta
+JneutMxibH0CBlSE7kl2xY4YinrkCjh7UfMzTDY9ap/dYifzBUugQF46BI8UlR9Q
+ZoxR1VVkH9fD1s5jezdr28wPsSl8auT2pAbEJjhJPUJkdUB4kfptYKsw9v8xya/a
+ZkIVJrcM7tlPdT7z5v+e3uk7ZHJAk8DLAgMBAAGjQTA/MB4GA1UdEQQXMBWCE2Vk
+dXJvYW1rb250by5rYXUuc2UwHQYDVR0OBBYEFMnow17F7CuMpt/wY+9Se3MjYwXF
+MA0GCSqGSIb3DQEBCwUAA4IBgQA49Qo4cQdRR1g+j1xyS6ZLEr+yY2uPQLW8gTja
++p/3NmYVnxh6/411k3XY+rlJVR9JoogIkRXkCzwv18Ws87IbK/d+thSxGxrqnST7
+YSKW3G44Rcbo7/uaB3wRNiyWOJ7T2nyeX4TJ3RnFUAFmP5lOUXkOL/S1zIx+FDhZ
+sNY8w+FAj/AARgGfaXVmGjqv50xiJ89IhOGmRzvV92IG2kgwxE14IAbz+bS7fca9
+opdRQIH963X7qq6NLKPPv3qDz0oUAdnIjRX7Fr8vwbGN7hsGaaTnOkkucHVCx8te
+bKwPXqk/9I2Gy4oXpfrO933Q2z01WAdNurHWD9Hkbt7JryaB4D4j0fQOQ5FPAGmQ
+BwJvV7GTu/AZJT5WX/cc3FUivU+7WIk4BVBi0XVk6oeK60MPgSAaOqGVsbTgQxam
+i+98vFKqxYI0xD5CAicJMQtgzyGx5tnTDvABuqf6jgp5XhneS3441LXsRuTMur54
+MipqdDjyQEIn6175q9gOmemKMbk=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://eduroamkonto.kau.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://eduroamkonto.kau.se/Shibboleth.sso/Artifact/SOAP" index="2"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eduroamkonto.kau.se/Shibboleth.sso/SAML2/POST" index="7"/>
+  </md:SPSSODescriptor>
+  <md:ContactPerson contactType="technical">
+    <md:GivenName>Erik</md:GivenName>
+    <md:SurName>Lundin</md:SurName>
+    <md:EmailAddress>mailto:erik.lundin@kau.se</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/idp.his.se-idp-shibboleth.xml b/swamid-2.0/idp.his.se-idp-shibboleth.xml
index ed12731a..a8c29d40 100644
--- a/swamid-2.0/idp.his.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.his.se-idp-shibboleth.xml
@@ -1,11 +1,18 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.his.se/idp/shibboleth">
+  <Extensions>
+    <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <saml:Attribute xmlns="" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+      </saml:Attribute>
+    </attr:EntityAttributes>
+  </Extensions>
   <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
     <Extensions>
       <shibmd:Scope regexp="false">his.se</shibmd:Scope>
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-        <mdui:DisplayName xml:lang="sv">Högskolan i Skövde</mdui:DisplayName>
-        <mdui:DisplayName xml:lang="en">University of Skövde</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">Högskolan i Skövde (gammal)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">University of Skövde (old)</mdui:DisplayName>
         <mdui:Description xml:lang="sv">Identity Provider för Högskolan i Skövde</mdui:Description>
         <mdui:Description xml:lang="en">Identity Provider for University of Skövde</mdui:Description>
         <mdui:InformationURL xml:lang="sv">http://www.his.se</mdui:InformationURL>
@@ -99,8 +106,8 @@ drVlFNv2EtdNX1C9u3EJYqslqtyXv2nZ
   </AttributeAuthorityDescriptor>
   <Organization>
     <OrganizationName xml:lang="en">HIS</OrganizationName>
-    <OrganizationDisplayName xml:lang="sv">Högskolan i Skövde</OrganizationDisplayName>
-    <OrganizationDisplayName xml:lang="en">University of Skövde</OrganizationDisplayName>
+    <OrganizationDisplayName xml:lang="sv">Högskolan i Skövde (gammal)</OrganizationDisplayName>
+    <OrganizationDisplayName xml:lang="en">University of Skövde (old)</OrganizationDisplayName>
     <OrganizationURL xml:lang="en">http://www.his.se</OrganizationURL>
   </Organization>
   <ContactPerson contactType="administrative">
diff --git a/swamid-2.0/idp2.his.se-idp-shibboleth.xml b/swamid-2.0/idp2.his.se-idp-shibboleth.xml
index 0d537a21..64d7f5c8 100644
--- a/swamid-2.0/idp2.his.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp2.his.se-idp-shibboleth.xml
@@ -1,18 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp2.his.se/idp/shibboleth">
-  <Extensions>
-    <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
-      <saml:Attribute xmlns="" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
-        <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
-      </saml:Attribute>
-    </attr:EntityAttributes>
-  </Extensions>
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
     <Extensions>
       <shibmd:Scope regexp="false">his.se</shibmd:Scope>
       <mdui:UIInfo>
-        <mdui:DisplayName xml:lang="sv">Högskolan i Skövde (ny)</mdui:DisplayName>
-        <mdui:DisplayName xml:lang="en">University of Skövde (new)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">Högskolan i Skövde</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">University of Skövde</mdui:DisplayName>
         <mdui:Description xml:lang="sv">Identity Provider för Högskolan i Skövde</mdui:Description>
         <mdui:Description xml:lang="en">Identity Provider for University of Skövde</mdui:Description>
         <mdui:InformationURL xml:lang="sv">http://www.his.se</mdui:InformationURL>
@@ -200,8 +193,8 @@ lydgJ83mLCTu9Bueh30Fp3aQ64DAHbCABkgW
   </AttributeAuthorityDescriptor>
   <Organization>
     <OrganizationName xml:lang="en">HIS</OrganizationName>
-    <OrganizationDisplayName xml:lang="sv">Högskolan i Skövde (ny)</OrganizationDisplayName>
-    <OrganizationDisplayName xml:lang="en">University of Skövde (new)</OrganizationDisplayName>
+    <OrganizationDisplayName xml:lang="sv">Högskolan i Skövde</OrganizationDisplayName>
+    <OrganizationDisplayName xml:lang="en">University of Skövde</OrganizationDisplayName>
     <OrganizationURL xml:lang="en">http://www.his.se</OrganizationURL>
   </Organization>
   <ContactPerson contactType="administrative">
diff --git a/swamid-2.0/jira-test.its.umu.se-shibboleth.xml b/swamid-2.0/jira-test.its.umu.se-shibboleth.xml
new file mode 100644
index 00000000..3ff19eca
--- /dev/null
+++ b/swamid-2.0/jira-test.its.umu.se-shibboleth.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+This is example metadata only. Do *NOT* supply it as is without review,
+and do *NOT* provide it in real time to your partners.
+ -->
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://jira-test.its.umu.se/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://jira-test.its.umu.se/Shibboleth.sso/DS/ds.swamid.se"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://jira-test.its.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://jira-test.its.umu.se/Shibboleth.sso/Login"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">Jira test, ITS, Umeå universitet</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">Jira test, ITS, Umeå University</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Jira test, ITS, IT-stöd och systemutveckling, Umeå universitet</mdui:Description>
+        <mdui:Description xml:lang="en">Jira test, ITS, ICT Services and System Development, Umeå University</mdui:Description>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira-test.its.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira-test.its.umu.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jira-test.its.umu.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira-test.its.umu.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira-test.its.umu.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira-test.its.umu.se/Shibboleth.sso/NIM/SOAP"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jira-test.its.umu.se/Shibboleth.sso/NIM/Redirect"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira-test.its.umu.se/Shibboleth.sso/NIM/POST"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira-test.its.umu.se/Shibboleth.sso/NIM/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira-test.its.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira-test.its.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://jira-test.its.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jira-test.its.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://jira-test.its.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/registry-test.swamid.se-saml2-metadata.xml b/swamid-2.0/registry-test.swamid.se-saml2-metadata.xml
index 878a97bb..29cdf197 100644
--- a/swamid-2.0/registry-test.swamid.se-saml2-metadata.xml
+++ b/swamid-2.0/registry-test.swamid.se-saml2-metadata.xml
@@ -70,12 +70,6 @@ oMzgMjdgVTXdBPqXjdsunjPAiOZnJesxtLgWYEmQ
     </md:KeyDescriptor>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registry-test.swamid.se/saml2/ls/"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registry-test.swamid.se/saml2/acs/" index="1"/>
-    <md:AttributeConsumingService index="1">
-      <md:ServiceName xml:lang="en">PEER SP</md:ServiceName>
-      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
-      <md:RequestedAttribute Name="givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
-      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
-    </md:AttributeConsumingService>
   </md:SPSSODescriptor>
   <md:Organization>
     <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName>
diff --git a/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml b/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
index 405550b3..6cc85f9c 100644
--- a/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
+++ b/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
@@ -1,5 +1,17 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://weblogin.kau.se/idp/shibboleth">
+  <Extensions>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+        <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
+      </saml:Attribute>
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
+        <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </Extensions>
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
     <Extensions>
       <shibmd:Scope regexp="false">kau.se</shibmd:Scope>
@@ -218,4 +230,8 @@ cHgs7D1QiqGixbmFlSZyPcCPcIzPDzRaoXyb+yKQy31QP/VEt8VGXH5H2A==
     <EmailAddress>mailto:datasupport@kau.se</EmailAddress>
     <TelephoneNumber>+46 54 700 2525</TelephoneNumber>
   </ContactPerson>
+  <ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
+    <GivenName>Incident Response Team</GivenName>
+    <EmailAddress>mailto:irt@kau.se</EmailAddress>
+  </ContactPerson>
 </EntityDescriptor>
diff --git a/swamid-edugain-idp-1.0.mxml b/swamid-edugain-idp-1.0.mxml
index ecc3b93d..b6919833 100644
--- a/swamid-edugain-idp-1.0.mxml
+++ b/swamid-edugain-idp-1.0.mxml
@@ -25,7 +25,6 @@
   <xi:include href="swamid-2.0/kiidp.ki.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/swamid2.shh.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/hbidp.hb.se-idp-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/idp.his.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp2.hv.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/fs.liu.se-adfs-services-trust.xml"/>
   <xi:include href="swamid-2.0/weblogin.uu.se-idp-shibboleth.xml"/>
@@ -50,4 +49,5 @@
   <xi:include href="swamid-2.0/idp.ltu.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp.hh.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp01.gih.se-idp-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/idp2.his.se-idp-shibboleth.xml"/>
 </md:EntitiesDescriptor>
diff --git a/swamid-idp-2.0.mxml b/swamid-idp-2.0.mxml
index 8e917c29..23ca493b 100644
--- a/swamid-idp-2.0.mxml
+++ b/swamid-idp-2.0.mxml
@@ -20,5 +20,5 @@
   <xi:include href="swamid-2.0/shibbo.ltu.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp.sics.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/gihidentity01.ihs.se-idp-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/idp2.his.se-idp-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/idp.his.se-idp-shibboleth.xml"/>
 </md:EntitiesDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 3a1b6ccd..962ad9a8 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -642,7 +642,8 @@
   <xi:include href="swamid-2.0/play.chalmers.se.xml"/>
   <xi:include href="swamid-2.0/crowd.sunet.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/play.rkh.se.xml"/>
-  <xi:include href="swamid-2.0/moodlebeta.omv.lu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/student.utb2.ladok.se-student-sp.xml"/>
   <xi:include href="swamid-2.0/www.utb2.ladok.se-gui-sp.xml"/>
+  <xi:include href="swamid-2.0/eduroamkonto.kau.se.xml"/>
+  <xi:include href="swamid-2.0/jira-test.its.umu.se-shibboleth.xml"/>
 </md:EntitiesDescriptor>
author	Leif Johansson <leifj@sunet.se>	2017-03-17 11:07:43 +0100
committer	Leif Johansson <leifj@sunet.se>	2017-03-17 11:07:43 +0100
commit	fd23bc1a89d37659a3c9ef19a6df32603fc07d1d (patch)
tree	f23fb6a53294490f8fa5fec08f4875bb2bc4410d
parent	10e80ec290debb91e8bc8fa9510515e802dce2cd (diff)
parent	ee43e95506d0222198ce29d8c700cb47a5421777 (diff)