Resolves SWAMIDOPS-8505

author: Paul Scott <paul.scott@kau.se> 2017-03-08 16:16:00 +0100
committer: Paul Scott <paul.scott@kau.se> 2017-03-08 16:16:00 +0100
commit: 4927d3ba25cd58b12237b04b43c9366fea02ffe4 (patch)
tree: b6be0f06b4509a505724434166174642d179be88
parent: ce3a22ec52410f6fe9f4753132d68a7d28f963d1 (diff)
3 files changed, 56 insertions, 9 deletions
diff --git a/swamid-2.0/crowd.sunet.se-shibboleth.xml b/swamid-2.0/crowd.sunet.se-shibboleth.xml
index e5df7473..90588118 100644
--- a/swamid-2.0/crowd.sunet.se-shibboleth.xml
+++ b/swamid-2.0/crowd.sunet.se-shibboleth.xml
@@ -1,8 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
 This is example metadata only. Do *NOT* supply it as is without review,
 and do *NOT* provide it in real time to your partners.
  -->
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_de64748103587c017bb8aa8717b535858760ac95" entityID="https://crowd.sunet.se/shibboleth">
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://crowd.sunet.se/shibboleth">
   <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
     <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
     <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
@@ -31,12 +32,12 @@ and do *NOT* provide it in real time to your partners.
     <md:Extensions>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://crowd.sunet.se/Shibboleth.sso/Login"/>
       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowd.sunet.se/Shibboleth.sso/Login" index="1"/>
-    <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-      <mdui:DisplayName xml:lang="sv">Sunets Crowd-inloggningstjänst </mdui:DisplayName>
-      <mdui:DisplayName xml:lang="en">Sunet Crowd Identity Management</mdui:DisplayName>
-      <mdui:Description xml:lang="sv">Sunets Atlassian Crowd-tjänst som hjälper till med användarhantering för Sunets Jira och Confluence </mdui:Description>
-      <mdui:Description xml:lang="en">Sunet's Atlassian Crowd-service providing identity management for Sunet's Jira and Confluence</mdui:Description>
-    </mdui:UIInfo>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">Sunets Crowd-inloggningstjänst </mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">Sunet Crowd Identity Management</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Sunets Atlassian Crowd-tjänst som hjälper till med användarhantering för Sunets Jira och Confluence </mdui:Description>
+        <mdui:Description xml:lang="en">Sunet's Atlassian Crowd-service providing identity management for Sunet's Jira and Confluence</mdui:Description>
+      </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
       <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
@@ -83,11 +84,9 @@ og+StCZFRCgVG6Yoq6EYaJYK1DsUP+4hBlptoRNdLd4aYwdG52H3By9WhnAE8wQ=
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.sunet.se/Shibboleth.sso/SLO/POST"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowd.sunet.se/Shibboleth.sso/SLO/Artifact"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://crowd.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowd.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://crowd.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://crowd.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://crowd.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
   </md:SPSSODescriptor>
-
 </md:EntityDescriptor>
diff --git a/swamid-2.0/play.chalmers.se.xml b/swamid-2.0/play.chalmers.se.xml
new file mode 100644
index 00000000..c56ca454
--- /dev/null
+++ b/swamid-2.0/play.chalmers.se.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://play.chalmers.se">
+  <md:Extensions>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/nren-service</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">Chalmers Tekniska Högskolas Play tjänst</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">Chalmers University of Technology's Play service</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Detta är Chalmers Tekniska Högskolas Play tjänst</mdui:Description>
+        <mdui:Description xml:lang="en">This is Chalmers University of Technology’s streaming service</mdui:Description>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor use="signing">
+      <ds:KeyInfo>
+        <ds:X509Data>
+          <ds:X509Certificate>MIIECTCCAvGgAwIBAgIJAJcfrITADDmvMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxEDAOBgNVBAoTB0thbHR1cmExGTAXBgNVBAMTEHBsYXkuY2hhbG1lcnMuc2UwHhcNMTcwMzA4MTIyMjQ5WhcNMjcwMzA4MTIyMjQ5WjBgMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRAwDgYDVQQKEwdLYWx0dXJhMRkwFwYDVQQDExBwbGF5LmNoYWxtZXJzLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv60o0thHM1HlLkORVd84BBp+O6pGlfbbBihToc/VkWrI7hD9ZAWCeAofsAhXQgWyfcPD/B00qunNOZ27WNcWIO7v2rRqxw15ysJeobiVJfSKvQz0fWNCuaWHQBw12SxsbY0hxHYOSAq1EkI2c1tiikWlcw8yEBvcLfOA4kGiZk7XxeCs29sDC78ZwNDD7Gvbe5rxSI001Q8DLL286+YoH7ZsVdXZtuxyiysduonVpbztdlbclrNdSLkmcdk3oE+a7L6Q7L5FMRkCpevq7mG1U9D98aKutyO12bGied5CffTNll//CpIZ7Q9HQK33vETDmIJUFaYPC2jNWNMWkccaPQIDAQABo4HFMIHCMB0GA1UdDgQWBBRivsK/ylKwp/Wglce7twJpjnH7GzCBkgYDVR0jBIGKMIGHgBRivsK/ylKwp/Wglce7twJpjnH7G6FkpGIwYDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQHEwhOZXcgWW9yazEQMA4GA1UEChMHS2FsdHVyYTEZMBcGA1UEAxMQcGxheS5jaGFsbWVycy5zZYIJAJcfrITADDmvMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAK9llJZsfKU6tjtHKVxlX8aaZCeICl8IHsdpi3hJDpLSgr3vIj+ZEABnCpKvcPVbX/A2lvC1EtbV4o3uNyp3A6V//YubIFqt9UPdogw6/MNFpWmHMRDBaMZVOyT4X2VikPFlJ5Ucfr+O7Sjag/mCq61Sjd5XkvZlGMRPL4Cg6Ea6VlnncW6Rpaj9QX/gMxIQ9NCttZ06RwIjj5eZAaiGRQazhd0GLhGNQRz9jnvRNbOJ7jGSx300QEk6p+mHP09mUnx5YOzJCE9nMByXhl4Ab9nTqvf4mCi+r6J/uodGyyovzdgCDX+4mHsGaBcy3IopnPBcItOQeBc1E8xkVIE29nk=</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo>
+        <ds:X509Data>
+          <ds:X509Certificate>MIIECTCCAvGgAwIBAgIJAJcfrITADDmvMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxEDAOBgNVBAoTB0thbHR1cmExGTAXBgNVBAMTEHBsYXkuY2hhbG1lcnMuc2UwHhcNMTcwMzA4MTIyMjQ5WhcNMjcwMzA4MTIyMjQ5WjBgMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRAwDgYDVQQKEwdLYWx0dXJhMRkwFwYDVQQDExBwbGF5LmNoYWxtZXJzLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv60o0thHM1HlLkORVd84BBp+O6pGlfbbBihToc/VkWrI7hD9ZAWCeAofsAhXQgWyfcPD/B00qunNOZ27WNcWIO7v2rRqxw15ysJeobiVJfSKvQz0fWNCuaWHQBw12SxsbY0hxHYOSAq1EkI2c1tiikWlcw8yEBvcLfOA4kGiZk7XxeCs29sDC78ZwNDD7Gvbe5rxSI001Q8DLL286+YoH7ZsVdXZtuxyiysduonVpbztdlbclrNdSLkmcdk3oE+a7L6Q7L5FMRkCpevq7mG1U9D98aKutyO12bGied5CffTNll//CpIZ7Q9HQK33vETDmIJUFaYPC2jNWNMWkccaPQIDAQABo4HFMIHCMB0GA1UdDgQWBBRivsK/ylKwp/Wglce7twJpjnH7GzCBkgYDVR0jBIGKMIGHgBRivsK/ylKwp/Wglce7twJpjnH7G6FkpGIwYDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQHEwhOZXcgWW9yazEQMA4GA1UEChMHS2FsdHVyYTEZMBcGA1UEAxMQcGxheS5jaGFsbWVycy5zZYIJAJcfrITADDmvMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAK9llJZsfKU6tjtHKVxlX8aaZCeICl8IHsdpi3hJDpLSgr3vIj+ZEABnCpKvcPVbX/A2lvC1EtbV4o3uNyp3A6V//YubIFqt9UPdogw6/MNFpWmHMRDBaMZVOyT4X2VikPFlJ5Ucfr+O7Sjag/mCq61Sjd5XkvZlGMRPL4Cg6Ea6VlnncW6Rpaj9QX/gMxIQ9NCttZ06RwIjj5eZAaiGRQazhd0GLhGNQRz9jnvRNbOJ7jGSx300QEk6p+mHP09mUnx5YOzJCE9nMByXhl4Ab9nTqvf4mCi+r6J/uodGyyovzdgCDX+4mHsGaBcy3IopnPBcItOQeBc1E8xkVIE29nk=</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://play.chalmers.se/user/logout"/>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://play.chalmers.se/user/authenticate" index="0"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">Chalmers (PROD)</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Chalmers (PROD)</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">https://play.chalmers.se</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:SurName>Administrator</md:SurName>
+    <md:EmailAddress>mailto:saml_admin@kaltura.com</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 1607d69e..d0d2da78 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -621,4 +621,5 @@
   <xi:include href="swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml"/>
   <xi:include href="swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/ladok3-jenkins.ladok.umu.se-securityrealm-finishlogin.xml"/>
+  <xi:include href="swamid-2.0/play.chalmers.se.xml"/>
 </md:EntitiesDescriptor>
author	Paul Scott <paul.scott@kau.se>	2017-03-08 16:16:00 +0100
committer	Paul Scott <paul.scott@kau.se>	2017-03-08 16:16:00 +0100
commit	4927d3ba25cd58b12237b04b43c9366fea02ffe4 (patch)
tree	b6be0f06b4509a505724434166174642d179be88
parent	ce3a22ec52410f6fe9f4753132d68a7d28f963d1 (diff)