diff options
author | Paul Scott <paul.scott@kau.se> | 2015-04-21 13:14:48 +0200 |
---|---|---|
committer | Paul Scott <paul.scott@kau.se> | 2015-04-21 13:14:48 +0200 |
commit | 4c248feeafa5e058ba43593fc120694f6c079f48 (patch) | |
tree | 62b2fea615eb55f01f5ec660cf6efbd996a0559b | |
parent | 006e51cfdcad6c4f94c6bb6ecc0aa268aa3768f8 (diff) |
Resolves SWAMIDOPS-7643 and SWAMIDOPS-7646
-rw-r--r-- | swamid-2.0/idp-test.suni.se-adfs-services-trust.xml | 117 | ||||
-rw-r--r-- | swamid-2.0/idptest.hj.se-idp-shibboleth.xml | 189 | ||||
-rw-r--r-- | swamid-testing-idp-1.0.mxml | 2 |
3 files changed, 308 insertions, 0 deletions
diff --git a/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml b/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml new file mode 100644 index 00000000..6f8341e6 --- /dev/null +++ b/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml @@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idp-test.suni.se/adfs/services/trust"> + <Extensions> + <shibmd:Scope regexp="false">suni.se</shibmd:Scope> + </Extensions> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <shibmd:Scope regexp="false">suni.se</shibmd:Scope> + </Extensions> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIEmzCCA4OgAwIBAgIRAPk+SXniS3T2At3wrsquxWEwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFtc3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMRgwFgYDVQQDEw9URVJFTkEgU1NMIENBIDIwHhcNMTUwNDIwMDAwMDAwWhcNMTgwNDE5MjM1OTU5WjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMTEGlkcC10ZXN0LnN1bmkuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrrCK7qc2FuRKTeSb4sUoKHR6R/o7WLS7ZHbxmcwhm1Vpmx3ToxSYo+nzo6y2Cc/UnJ6Nbtgiuwg/mVZCp1Fxryjke9o+278k0ze1SZn+SIEgQ6QS8v21gYiBiqRz9tafG8DVS/rjmhMpzxhDc2sYs+h2sZeFETJquybByNk76zEiFuhKPuzzz33dF117wRGhUcnCUi9bqEcMfDfTeN9UurF0ZNFoLwqlgfZfR5FKF8GHcbtdkdAVECLlcepKK2EtkImUA+oQcHBkUahWULupRPE1HWK4RoQsrxnwl7TASKkktiWIYYynQDk5S/yV4POHnpbAB5cNuzsKlej8uAWhNAgMBAAGjggFsMIIBaDAfBgNVHSMEGDAWgBRb0IocmjJb4LXdllQb4YYosP22vTAdBgNVHQ4EFgQUkQuXiO/x19n+Qo2nP0vTSyaWvd0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAh0wCAYGZ4EMAQIBMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9URVJFTkFTU0xDQTIuY3JsMGwGCCsGAQUFBwEBBGAwXjA1BggrBgEFBQcwAoYpaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1RFUkVOQVNTTENBMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wGwYDVR0RBBQwEoIQaWRwLXRlc3Quc3VuaS5zZTANBgkqhkiG9w0BAQsFAAOCAQEAKl0eOcXaD8QEjMgjMJ/VbIFjQcZjGToKD7nEOwwR3qqVkNVtdcLofe6wmZM1ZaWtdRZ+HL6bJpAAn2EWtdAb0m6QNrkHF9dsSeNZUn3M+UZptfUxjDspnH070Crhghdq2Q1KPr3YC1VNBaN7bOJUwAhx1mEork3ZOYMlY8pnPUStDyi2p+LMgEVjDLjAEY+uuZL0fYUbdHuEMQ3c13APY7siDdOa8iGzk1NzxMINC5xpLSlWa+i6VtusuX4QumZVkB0n7Qm6JlU9D/Lp/MhzbvD5hKiy9Ii15XNrEJG4P0HY4GpTemNdx6fP5AeJ6NpahMiVbyTntNQJRpdPz28CDQ==</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIEmzCCA4OgAwIBAgIRAPk+SXniS3T2At3wrsquxWEwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFtc3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMRgwFgYDVQQDEw9URVJFTkEgU1NMIENBIDIwHhcNMTUwNDIwMDAwMDAwWhcNMTgwNDE5MjM1OTU5WjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMTEGlkcC10ZXN0LnN1bmkuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrrCK7qc2FuRKTeSb4sUoKHR6R/o7WLS7ZHbxmcwhm1Vpmx3ToxSYo+nzo6y2Cc/UnJ6Nbtgiuwg/mVZCp1Fxryjke9o+278k0ze1SZn+SIEgQ6QS8v21gYiBiqRz9tafG8DVS/rjmhMpzxhDc2sYs+h2sZeFETJquybByNk76zEiFuhKPuzzz33dF117wRGhUcnCUi9bqEcMfDfTeN9UurF0ZNFoLwqlgfZfR5FKF8GHcbtdkdAVECLlcepKK2EtkImUA+oQcHBkUahWULupRPE1HWK4RoQsrxnwl7TASKkktiWIYYynQDk5S/yV4POHnpbAB5cNuzsKlej8uAWhNAgMBAAGjggFsMIIBaDAfBgNVHSMEGDAWgBRb0IocmjJb4LXdllQb4YYosP22vTAdBgNVHQ4EFgQUkQuXiO/x19n+Qo2nP0vTSyaWvd0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAh0wCAYGZ4EMAQIBMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9URVJFTkFTU0xDQTIuY3JsMGwGCCsGAQUFBwEBBGAwXjA1BggrBgEFBQcwAoYpaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1RFUkVOQVNTTENBMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wGwYDVR0RBBQwEoIQaWRwLXRlc3Quc3VuaS5zZTANBgkqhkiG9w0BAQsFAAOCAQEAKl0eOcXaD8QEjMgjMJ/VbIFjQcZjGToKD7nEOwwR3qqVkNVtdcLofe6wmZM1ZaWtdRZ+HL6bJpAAn2EWtdAb0m6QNrkHF9dsSeNZUn3M+UZptfUxjDspnH070Crhghdq2Q1KPr3YC1VNBaN7bOJUwAhx1mEork3ZOYMlY8pnPUStDyi2p+LMgEVjDLjAEY+uuZL0fYUbdHuEMQ3c13APY7siDdOa8iGzk1NzxMINC5xpLSlWa+i6VtusuX4QumZVkB0n7Qm6JlU9D/Lp/MhzbvD5hKiy9Ii15XNrEJG4P0HY4GpTemNdx6fP5AeJ6NpahMiVbyTntNQJRpdPz28CDQ==</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-test.suni.se/adfs/services/trust/artifactresolution" index="0"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.suni.se/adfs/ls/"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.suni.se/adfs/ls/"/> + <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp-test.suni.se/adfs/ls/"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.suni.se/adfs/ls/"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.suni.se/adfs/ls/"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumber"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/cn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonEntitlement" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Display Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/initials" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Initials"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumberNotOld"/> + </IDPSSODescriptor> + <Organization> + <OrganizationName xml:lang="sv-SE">Södertörns högskola test</OrganizationName> + <OrganizationDisplayName xml:lang="sv-SE">Södertörns högskola test</OrganizationDisplayName> + <OrganizationURL xml:lang="sv-SE">http://www.sh.se/</OrganizationURL> + </Organization> + <ContactPerson contactType="support"> + <GivenName>Tomas</GivenName> + <SurName>Legat</SurName> + <EmailAddress>server@sh.se</EmailAddress> + <TelephoneNumber>08-6084000</TelephoneNumber> + </ContactPerson> +</EntityDescriptor> diff --git a/swamid-2.0/idptest.hj.se-idp-shibboleth.xml b/swamid-2.0/idptest.hj.se-idp-shibboleth.xml new file mode 100644 index 00000000..467dfccd --- /dev/null +++ b/swamid-2.0/idptest.hj.se-idp-shibboleth.xml @@ -0,0 +1,189 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + This is example metadata only. Do *NOT* supply it as is without review, + and do *NOT* provide it in real time to your partners. + + This metadata is not dynamic - it will not change as your configuration changes. +--> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idptest.hj.se/idp/shibboleth"> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0"> + <Extensions> + <shibmd:Scope regexp="false">hj.se</shibmd:Scope> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="en">Jönköping University - idptest.hj.se</mdui:DisplayName> + <mdui:Description xml:lang="en">The Jönköping University Test Identity Provider is used only for testing purpose.</mdui:Description> + <mdui:Logo height="77" width="630">https://hj.se/webdav/images/system/gfx/logotype/hj-sv.png</mdui:Logo> + </mdui:UIInfo> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKFIv7gVqTHNlULQ46qEKD58wzelMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0JcJL1Nug5T8UD8/Nb6k/LaUkAHfbQx +zZib5ZFzhVJzrC71NdplxqqjV0Uy5Lj/vOkeYyXgyNc2EFhj0pj0X/Sc2fznfIXH +3ke9NAv1r0MtZwoFXsVqGxc4kx0hy4QS/kzvHSQovZBxgyfyY06abgY+7D/txBjS +QG7SlLEfIZpzLdkxmUbnkTJyGgAiCxoe3gpJVq2d1vNuFgIwffqoP6ZkbSBBGOuG +m1nmpX6oSCmWA9LYaIC18rvg2vv76FNvK8nU87rg551NQhFTfF/bJ0ZSMPCpnpKu +8ZS+oYyn2rigXtgnSyW1TmT1ZPgMyVHfTLTx7bIw+VmVmeIh/Z8HSQIDAQABo2Ew +XzAdBgNVHQ4EFgQUQi/yV1jr1dK8GUlZTkPuskw/ScswPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBCCoyJPTF+rktCgetDJcCH2ZHL1cg17BTSargD +GVRQcT43R6QtZkCeD4pr/gF6Iyo0TplAjOUZpLzN85u8igv1q1vaR2TfWLjQH+9P +nX13LjFqdcBghd/ygcdjAMIoPI2b0GOTW8rqwQkJG3J5dg6t+hU7nnqrCDwAIjY0 +es5fL7r15TdFgpglDgDuDdHr+wGyBj7NJtKwNIlwKdwLTfGuAlJMBikRPb7hXLeI +oSnwb0Y7P8GMDC7hOSUKZBsIgOScVzrKqsfxnIMryhBW1rFrrS1eDiF8j7lWq3Z9 ++Bnt4yQqMRjgHeLEVL5BcXpFNTzgMPOKxmIBjTDVdRamWisR + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKNEGfTEINJaenJtF9oWLLlzupllMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIwWhcN +MzUwNDE2MTIzNjIwWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhfM4vMv+UFT14W3zBcN8UvqxbyWyczA +ovbK4OVPSm1X0B3pwScCRCYblQ5VGUMsUAdK827G2O4D946Y2WuyR5uwsFInESPT +B63Le+D3r5ihnLi+v/t0/pWSoiIuu2Mgx/wOhYM26MEFoCkXQ1f97gNppj/2gt2D +HbjFU6wFcvZZiz43BCNaWkE02cKnKHAUSAyXAlOjuz+T+pQBliiJ1qcRvYgoB/ng +Ma08zT4L25W5KbmGbzOVsiZBgH+sO3fktnWq6vWdpnaLGPIIXdsfxc+5uNhWbSNB +1viQszQjCXry99HeYfPtgxk7bhIB0wqc36SUktv0MIa2dKqJ+0AGuwIDAQABo2Ew +XzAdBgNVHQ4EFgQUG60Igc1R9kXrlbvi2CykDagzKYkwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBMzr0ZurlrLXV6QPdqT6LtkowgiN2IgiT8sDJh +AhcreW3XOsy9xQNYIhP6I8DdW9Pf2mAzpcxrUFKyoDINA9tRBgFSDeaCTXYvCBFC +SiKFGpd+udtwex+/xsc63GBqbuQGml1jf7tvIq0+xctHYF5AqQ7MYvoUYf/oIkdJ +MeRl+c2mK/fmXHZRI75/gl1vm4+nnknDmZ5ztvjQQ/wMpiOCKgLoFIaa1r03/8hB +ns0GCnxNxrNO2Lt5H8B1OD4zjBree1+CTOvcU9Ysuid6j9Cg7tpWmjce5J1tzD2V +itinoey/bFoYxyBLSwl08bW2opR2DYjuhnaF5F7/8RW4gsSK + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAIUL/EqjvMGZNtChQE84MYUlxJwzMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5v0+aejzn3dgUYJFuZy0ZekCc4FocMe +WqZbOVnSVCynBA9ZTT9rER1rSlQdyXrTqA63BQhXdKoW2XNKQYFKJt9RjMrkcDXk +ErJDHZgvXQcXrAt674yh+qB9MEpumlx5Nq0Sd8h+6Ox5gB6mJ5MZoikxvcRc3ItA +OCAnByelpu4to3paFWTe2VBnsv2irdkL//WXWJak7rj9E50wGkPXvBJ5cst/47Id +blGvA9Quve4BgaKVKgrw0iVSqlid8Yut9HzmQWWD48Yd1d6MSUoX/jGPPZ0NehFL +ug+KnZ9feyvQIsD4SLWoOpeofLdvNH+f+gAZ5F+71w5koiBZsx0uoQIDAQABo2Ew +XzAdBgNVHQ4EFgQU8fcjL1jDHLtJ2+PIIpI8hDOSD2IwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQAszfhrL5sb0vZ722+bkywyKNR9KKU5gw6YWKpG +ew08pyP+N8KG5c+ZXlPMXJGIAhlL/Nj6/OPJSb4olQGuedUhx3ypJOi3/4zRpvdw +eYSDoIbuHf493UGBxvBX/546ODfzw4qoLToErPa1c1txjAcFg0n8B8TxjoWultNk +whJLHc+OZRI0wgiHjpMYCCHW4Ss/cW9fQse7biqV0logPliLkODDtoMGvo7jIebE +zSCKA8JHRGCGtdmzsBL18+rvZSkKNMLlgLRrPq0yGfs21cj5hlTcbf+v/lg6VDD+ +zsCvGvGHU2EK4J/5E7ZsmeCTJpIEV7omzhqn9oHee1PHKexJ + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idptest.hj.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idptest.hj.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> + <!-- + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idptest.hj.se/idp/profile/SAML2/Redirect/SLO"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idptest.hj.se/idp/profile/SAML2/POST/SLO"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idptest.hj.se:8443/idp/profile/SAML2/SOAP/SLO"/> + --> + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idptest.hj.se/idp/profile/Shibboleth/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idptest.hj.se/idp/profile/SAML2/POST/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idptest.hj.se/idp/profile/SAML2/Redirect/SSO"/> + </IDPSSODescriptor> + <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol"> + <Extensions> + <shibmd:Scope regexp="false">hj.se</shibmd:Scope> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKFIv7gVqTHNlULQ46qEKD58wzelMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0JcJL1Nug5T8UD8/Nb6k/LaUkAHfbQx +zZib5ZFzhVJzrC71NdplxqqjV0Uy5Lj/vOkeYyXgyNc2EFhj0pj0X/Sc2fznfIXH +3ke9NAv1r0MtZwoFXsVqGxc4kx0hy4QS/kzvHSQovZBxgyfyY06abgY+7D/txBjS +QG7SlLEfIZpzLdkxmUbnkTJyGgAiCxoe3gpJVq2d1vNuFgIwffqoP6ZkbSBBGOuG +m1nmpX6oSCmWA9LYaIC18rvg2vv76FNvK8nU87rg551NQhFTfF/bJ0ZSMPCpnpKu +8ZS+oYyn2rigXtgnSyW1TmT1ZPgMyVHfTLTx7bIw+VmVmeIh/Z8HSQIDAQABo2Ew +XzAdBgNVHQ4EFgQUQi/yV1jr1dK8GUlZTkPuskw/ScswPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBCCoyJPTF+rktCgetDJcCH2ZHL1cg17BTSargD +GVRQcT43R6QtZkCeD4pr/gF6Iyo0TplAjOUZpLzN85u8igv1q1vaR2TfWLjQH+9P +nX13LjFqdcBghd/ygcdjAMIoPI2b0GOTW8rqwQkJG3J5dg6t+hU7nnqrCDwAIjY0 +es5fL7r15TdFgpglDgDuDdHr+wGyBj7NJtKwNIlwKdwLTfGuAlJMBikRPb7hXLeI +oSnwb0Y7P8GMDC7hOSUKZBsIgOScVzrKqsfxnIMryhBW1rFrrS1eDiF8j7lWq3Z9 ++Bnt4yQqMRjgHeLEVL5BcXpFNTzgMPOKxmIBjTDVdRamWisR + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKNEGfTEINJaenJtF9oWLLlzupllMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIwWhcN +MzUwNDE2MTIzNjIwWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhfM4vMv+UFT14W3zBcN8UvqxbyWyczA +ovbK4OVPSm1X0B3pwScCRCYblQ5VGUMsUAdK827G2O4D946Y2WuyR5uwsFInESPT +B63Le+D3r5ihnLi+v/t0/pWSoiIuu2Mgx/wOhYM26MEFoCkXQ1f97gNppj/2gt2D +HbjFU6wFcvZZiz43BCNaWkE02cKnKHAUSAyXAlOjuz+T+pQBliiJ1qcRvYgoB/ng +Ma08zT4L25W5KbmGbzOVsiZBgH+sO3fktnWq6vWdpnaLGPIIXdsfxc+5uNhWbSNB +1viQszQjCXry99HeYfPtgxk7bhIB0wqc36SUktv0MIa2dKqJ+0AGuwIDAQABo2Ew +XzAdBgNVHQ4EFgQUG60Igc1R9kXrlbvi2CykDagzKYkwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBMzr0ZurlrLXV6QPdqT6LtkowgiN2IgiT8sDJh +AhcreW3XOsy9xQNYIhP6I8DdW9Pf2mAzpcxrUFKyoDINA9tRBgFSDeaCTXYvCBFC +SiKFGpd+udtwex+/xsc63GBqbuQGml1jf7tvIq0+xctHYF5AqQ7MYvoUYf/oIkdJ +MeRl+c2mK/fmXHZRI75/gl1vm4+nnknDmZ5ztvjQQ/wMpiOCKgLoFIaa1r03/8hB +ns0GCnxNxrNO2Lt5H8B1OD4zjBree1+CTOvcU9Ysuid6j9Cg7tpWmjce5J1tzD2V +itinoey/bFoYxyBLSwl08bW2opR2DYjuhnaF5F7/8RW4gsSK + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAIUL/EqjvMGZNtChQE84MYUlxJwzMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5v0+aejzn3dgUYJFuZy0ZekCc4FocMe +WqZbOVnSVCynBA9ZTT9rER1rSlQdyXrTqA63BQhXdKoW2XNKQYFKJt9RjMrkcDXk +ErJDHZgvXQcXrAt674yh+qB9MEpumlx5Nq0Sd8h+6Ox5gB6mJ5MZoikxvcRc3ItA +OCAnByelpu4to3paFWTe2VBnsv2irdkL//WXWJak7rj9E50wGkPXvBJ5cst/47Id +blGvA9Quve4BgaKVKgrw0iVSqlid8Yut9HzmQWWD48Yd1d6MSUoX/jGPPZ0NehFL +ug+KnZ9feyvQIsD4SLWoOpeofLdvNH+f+gAZ5F+71w5koiBZsx0uoQIDAQABo2Ew +XzAdBgNVHQ4EFgQU8fcjL1jDHLtJ2+PIIpI8hDOSD2IwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQAszfhrL5sb0vZ722+bkywyKNR9KKU5gw6YWKpG +ew08pyP+N8KG5c+ZXlPMXJGIAhlL/Nj6/OPJSb4olQGuedUhx3ypJOi3/4zRpvdw +eYSDoIbuHf493UGBxvBX/546ODfzw4qoLToErPa1c1txjAcFg0n8B8TxjoWultNk +whJLHc+OZRI0wgiHjpMYCCHW4Ss/cW9fQse7biqV0logPliLkODDtoMGvo7jIebE +zSCKA8JHRGCGtdmzsBL18+rvZSkKNMLlgLRrPq0yGfs21cj5hlTcbf+v/lg6VDD+ +zsCvGvGHU2EK4J/5E7ZsmeCTJpIEV7omzhqn9oHee1PHKexJ + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idptest.hj.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> + <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idptest.hj.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> --> + <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above --> + </AttributeAuthorityDescriptor> +</EntityDescriptor> diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml index c3034e22..74cc7ba1 100644 --- a/swamid-testing-idp-1.0.mxml +++ b/swamid-testing-idp-1.0.mxml @@ -41,4 +41,6 @@ <xi:include href="swamid-2.0/dev.idp.eduid.se-idp.xml"/> <xi:include href="swamid-2.0/pilot.idp.eduid.se-idp.xml"/> <xi:include href="swamid-2.0/a0251.srv.lu.se-idp-shibboleth.xml"/> + <xi:include href="swamid-2.0/idp-test.suni.se-adfs-services-trust.xml"/> + <xi:include href="swamid-2.0/idptest.hj.se-idp-shibboleth.xml"/> </EntitiesDescriptor> |