diff options
| author | Leif Johansson <leifj@sunet.se> | 2017-01-13 16:10:46 +0100 |
|---|---|---|
| committer | Leif Johansson <leifj@sunet.se> | 2017-01-13 16:10:46 +0100 |
| commit | ccf712d0a7e6e497d0cfd9d6b1221270dd50f4ce (patch) | |
| tree | 5788841d71778363c7278b3f5915c289ac4a5844 | |
| parent | 6e199154f129d49c1f741b492581b874c6697fc5 (diff) | |
| parent | b51674489c567febcafe7533d8ad1f6c46ec9f23 (diff) | |
Merge branch 'master' of md-master.swamid.se:swamid-metadata
| -rw-r--r-- | swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml | 101 | ||||
| -rw-r--r-- | swamid-2.0/idp.sunet.se-idp.xml | 8 | ||||
| -rw-r--r-- | swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml | 86 | ||||
| -rw-r--r-- | swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml | 86 | ||||
| -rw-r--r-- | swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml | 1 | ||||
| -rw-r--r-- | swamid-2.0/luvittest1.education.lu.se-shibboleth.xml | 1 | ||||
| -rw-r--r-- | swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml | 1 | ||||
| -rw-r--r-- | swamid-2.0/test.account.hj.se-adfs-services-trust.xml | 785 | ||||
| -rw-r--r-- | swamid-2.0/video.nordu.net.xml | 39 | ||||
| -rw-r--r-- | swamid-2.0/www.scalable-learning.com.xml | 2 | ||||
| -rw-r--r-- | swamid-sp-2.0.mxml | 5 |
11 files changed, 1107 insertions, 8 deletions
diff --git a/swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml b/swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml new file mode 100644 index 00000000..71c3c1e5 --- /dev/null +++ b/swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml @@ -0,0 +1,101 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://dbh-prod.i.uhr.se/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> + <md:Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Test av ny produktionssite för Bedömningshandboken (kommer att få denna URL vid driftsättning: bedomningshandboken.uhr.se)</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Test of new production site for Bedömningshandboken (will get this URL when released: bedomningshandboken.uhr.se)</mdui:DisplayName> + <mdui:Description xml:lang="sv">Test av Bedömningshandboken</mdui:Description> + <mdui:Description xml:lang="en">Test of Bedömningshandboken</mdui:Description> + </mdui:UIInfo> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Login" index="1"/> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>uhrepiweb02.i.uhr.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=uhrepiweb02.i.uhr.se</ds:X509SubjectName> + <ds:X509Certificate>MIIEAzCCAmugAwIBAgIJAOdBqacZ4/EFMA0GCSqGSIb3DQEBCwUAMB8xHTAbBgNV +BAMTFHVocmVwaXdlYjAyLmkudWhyLnNlMB4XDTE3MDExMTEyMTgyMloXDTI3MDEw +OTEyMTgyMlowHzEdMBsGA1UEAxMUdWhyZXBpd2ViMDIuaS51aHIuc2UwggGiMA0G +CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDv6EgQw6o9Umqd16VMHb3PBMYw+bxy +2dGv2EPMYAFHjMpythOVvyTrXtA9dgB1Zww77yysuvE5s5+3bEuiZywKtlJ3pWPd +tn59T8dl85MOorrq0RzKHcXCDF6s7tMTdcV8M4sBC/H9aGmKnHgm0Y617rgfGv5P +muilDwvktEqafohLce08DZEMWGJBh9jUSEZ/S/Wn7PO1GBX2QA9oHotZAqevR06v +YaffEG0kEIrQt64uhF0bSBZCfhp0J+SBMk0Wvsma2ckpZ7eRUcET9h7LKn71KIJ8 +1sCocpbn+3JDzhD2uBiYyQaR15Ijfdq8iqfbkX+hmPm0D5/wU3gpuPKuG1UHsAmE +kEsDPifSFJSbgTLVw+vFFBXqKA+/hWidtLgP4XVNgFI1GB8J5Ly+fMn2bXfH8CwH +HpffzdGNznYiY0WeJX+lsw9dVFIaCrn5PTZiT0jC+kFvP856UE18QbkL1emi8WrJ +ptrarp52vCoklBE3zHyJ+rjaKR/zVUKZldUCAwEAAaNCMEAwHwYDVR0RBBgwFoIU +dWhyZXBpd2ViMDIuaS51aHIuc2UwHQYDVR0OBBYEFOfeY2rg/PgZ2fgEOk2v2x0w +VnSXMA0GCSqGSIb3DQEBCwUAA4IBgQAGwaIX03w9j4Zm0bIne3Elo/3WVCVdZOev +ZIX6tq2Fio3+YpnAH+L3sO0FROTRGuxUusJOUWnYJDcVIHOfgzUU0eTa9o/S+fdG +XNKSeNizrBhvYIRxqhY4tyXhQrp2gEQyUR6LT9rA+X5yYMlrajp2M/Kav1/2sfF4 +EKRAkrCY2eU0ZeI5JwaopzwMYiKxpyoqipUPqFu28xabijrGx6vgbzEfT42Bz7lg +Q3WUc+tUWPyL9fqGw0FZySSQwks95fXZlQezu1kKHDiptiX2u8lfW3aPbT2PC7ek +CwsF12e85+5pzfygrHWG9A+hKv49Dt6uTYnYrnv0aQRvAXOwUQ6ZIwKVy3/IISuM +PI0Bmb7LkjvTr24EPa24S6YMvD+utfgh+MjSnA5lHdDvTtZheoqyoI5haeQ5MMI5 +LKZPDKEVmUXoIJA24fs/pj0RL5nBDYiRobwK1TpM633Ae+NhPDqD0o1JdgPUV3Vg +GCB2r29GXIAUYaUyAdsWXNMFG6lb7IM= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Artifact/SOAP" index="2"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/POST" index="5"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/POST" index="7"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/Artifact" index="8"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/ECP" index="9"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/POST" index="10"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/Artifact" index="11"/> + </md:SPSSODescriptor> + <md:ContactPerson contactType="administrative"> + <md:GivenName>Erik</md:GivenName> + <md:SurName>Jonsson</md:SurName> + <md:EmailAddress>mailto:erik.jonsson@umu.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/idp.sunet.se-idp.xml b/swamid-2.0/idp.sunet.se-idp.xml index 49c66711..c25da687 100644 --- a/swamid-2.0/idp.sunet.se-idp.xml +++ b/swamid-2.0/idp.sunet.se-idp.xml @@ -72,16 +72,16 @@ jiN2PVb/fS119Yu9s/jk86TcHIATZtmc/h6y5FkHzADUHGPPNum92l027dPIVqeT <saml:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.sunet.se/Saml2SP/sso/post"/> </saml:IDPSSODescriptor> <saml:Organization> - <saml:OrganizationName xml:lang="en">SUNET Staff Login</saml:OrganizationName> - <saml:OrganizationDisplayName xml:lang="en">SUNET Staff Login</saml:OrganizationDisplayName> + <saml:OrganizationName xml:lang="en">SUNET Employees</saml:OrganizationName> + <saml:OrganizationDisplayName xml:lang="en">SUNET Employees</saml:OrganizationDisplayName> <saml:OrganizationURL xml:lang="en">https://sunet.se</saml:OrganizationURL> </saml:Organization> <saml:ContactPerson contactType="technical"> <saml:GivenName>Technical</saml:GivenName> - <saml:EmailAddress>noc@sunet.se</saml:EmailAddress> + <saml:EmailAddress>mailto:noc@sunet.se</saml:EmailAddress> </saml:ContactPerson> <saml:ContactPerson contactType="support"> <saml:GivenName>Support</saml:GivenName> - <saml:EmailAddress>noc@sunet.se</saml:EmailAddress> + <saml:EmailAddress>mailto:noc@sunet.se</saml:EmailAddress> </saml:ContactPerson> </saml:EntityDescriptor> diff --git a/swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml b/swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml new file mode 100644 index 00000000..4b32257b --- /dev/null +++ b/swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml @@ -0,0 +1,86 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ladok3-jenkins.ladok.umu.se/jenkins/securityRealm/finishLogin"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Inloggning Jenkins Ladok3</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Ladok3 Jenkins login</mdui:DisplayName> + <mdui:Description xml:lang="sv">Inloggning mot Ladok3:s Jenkins</mdui:Description> + <mdui:Description xml:lang="en">Login to Ladok3 Jenkins</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIEJudoaDANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw +DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD +VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzA5MjIzMVoXDTI3MDExMTA5 +MjIzMVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r +bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93 +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIP8E+1UWC6THFR8PvNo6enlD9/cDwge +DBcMZfSNExv6FsNAvForGr/P0WONMNHNgc6xl1FXxFubz4Ce0b6NyRsH5fIr59/ASc5t/jIS1z8z +S2NOQC1ltRaSKYJTnBsiXKDLJPqFR4XtqN7TsUjLF6KRVfmx7FUhU9ccVONJxDstymN8sF1oGq2s +LitZiVYb98ZPgILNFk0B064rhL2P65NQ0rZNzyvogp3uNexg+pxS2FyG26X136qbnmvAzJGbo5s/ +Rk2vW3CTEpPISvQW4kNlBDPz5S/epRa5bdJsGLHJkBJCKo0bTjzwg6/T19rSzrxdzt6tBD3vUzYX +mhdgLSsCAwEAAaMhMB8wHQYDVR0OBBYEFPj1pmO/WxXRBHNpAsolfuhenJV6MA0GCSqGSIb3DQEB +CwUAA4IBAQBRultcmx0OePrE+Q5m9bza3H9X9Nwn3vpfCQtg9VFhCfP1l4Kdy72cXXSKK+oRA1Zb ++221oO474dUxNQ8RlG9HaeNxGiUkyoYeHLfyIoU3zR+Sk1t1v9uEGvUG4ALmNdqJD5T0yNh+B029 +HkiecYTX5/KhlMSyQQyqd1TbssLdg/GM7hYmIWosanb1ueFkyv6gYyh6ZgZgza6tf63gjVvvYTog +bYrcg39YS/2EWWrboSpMu2+agRG+NebnTpJzKirx/I1dZldnmvxN+j4ZhMoMZq+qZ4XK3kNY1q76 ++8sPLliD3nUprmKNJKgFYAni7n4fEGA27w+s19nQittHAwzu</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIEJudoaDANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw +DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD +VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzA5MjIzMVoXDTI3MDExMTA5 +MjIzMVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r +bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93 +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIP8E+1UWC6THFR8PvNo6enlD9/cDwge +DBcMZfSNExv6FsNAvForGr/P0WONMNHNgc6xl1FXxFubz4Ce0b6NyRsH5fIr59/ASc5t/jIS1z8z +S2NOQC1ltRaSKYJTnBsiXKDLJPqFR4XtqN7TsUjLF6KRVfmx7FUhU9ccVONJxDstymN8sF1oGq2s +LitZiVYb98ZPgILNFk0B064rhL2P65NQ0rZNzyvogp3uNexg+pxS2FyG26X136qbnmvAzJGbo5s/ +Rk2vW3CTEpPISvQW4kNlBDPz5S/epRa5bdJsGLHJkBJCKo0bTjzwg6/T19rSzrxdzt6tBD3vUzYX +mhdgLSsCAwEAAaMhMB8wHQYDVR0OBBYEFPj1pmO/WxXRBHNpAsolfuhenJV6MA0GCSqGSIb3DQEB +CwUAA4IBAQBRultcmx0OePrE+Q5m9bza3H9X9Nwn3vpfCQtg9VFhCfP1l4Kdy72cXXSKK+oRA1Zb ++221oO474dUxNQ8RlG9HaeNxGiUkyoYeHLfyIoU3zR+Sk1t1v9uEGvUG4ALmNdqJD5T0yNh+B029 +HkiecYTX5/KhlMSyQQyqd1TbssLdg/GM7hYmIWosanb1ueFkyv6gYyh6ZgZgza6tf63gjVvvYTog +bYrcg39YS/2EWWrboSpMu2+agRG+NebnTpJzKirx/I1dZldnmvxN+j4ZhMoMZq+qZ4XK3kNY1q76 ++8sPLliD3nUprmKNJKgFYAni7n4fEGA27w+s19nQittHAwzu</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3-jenkins.ladok.umu.se/jenkins/securityRealm/finishLogin" index="0"/> + </md:SPSSODescriptor> + <md:ContactPerson contactType="administrative"> + <md:Company>ITS, Umea universitet</md:Company> + <md:SurName>Fredrik Domeij</md:SurName> + <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="technical"> + <md:Company>ITS, Umea universitet</md:Company> + <md:SurName>Fredrik Domeij</md:SurName> + <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="support"> + <md:Company>ITS, Umea universitet</md:Company> + <md:SurName>Fredrik Domeij</md:SurName> + <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml b/swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml new file mode 100644 index 00000000..d8111280 --- /dev/null +++ b/swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml @@ -0,0 +1,86 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ladok3.ladok.umu.se:8443/jenkins/securityRealm/finishLogin"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Inloggning Jenkins Ladok3 (old)</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Ladok3 Jenkins login (old)</mdui:DisplayName> + <mdui:Description xml:lang="sv">Inloggning mot Ladok3:s Jenkins</mdui:Description> + <mdui:Description xml:lang="en">Login to Ladok3 Jenkins</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIERMR+4zANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw +DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD +VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzE0MDE1NVoXDTI3MDExMTE0 +MDE1NVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r +bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93 +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuHjYqu6jUCbj6JVxVlnnTa2qEwTsTn +r5VUd5DT/++72+aCbx0RuzW7bR5hihEk91J+A3uA4NVTmZbKY8xqM1ALXHf3lyDDsA1eRyUk9Han +9/tct9VHwryDscQtUhJt672s85cq65oHVBRrPoCRBoGqcTMCUHBrUGDOOKW862NzlxxX9RH6JKhN +DqspuO5XYgYEaJfMagZSPQKdyko0Z18TIA3cKWautLIFkg/MbFn2C6sLutd6tLD0iBPd/fZ0j/wy +9QM300eRLHK5HuVsaphCeNuOPJuTMHLNTqJ6dRTLnAa2IQv8cszd3cuytMtgsU347IcyplK5uYNC +9Qz/El8CAwEAAaMhMB8wHQYDVR0OBBYEFICz8BXR9dOGx9j4DmL6qCSRh/dhMA0GCSqGSIb3DQEB +CwUAA4IBAQBl1nw8qeEE3otWHJY1hNwmJiebvNQQWjFq16woCo6MBJI+lxCOwaJ+V+yefMBt6PQq +x/hzgQMUoHaBjKFOsDUnf6DT27szdp3hkrOZsedBEKOkQLVxHGdHcvqkm2eQn3ZEJxyQJzViZNw3 +0xL/fZA8piBCzBp5sjdAK0xUk1PxIzXR/x/cn7KbnSwbL8utPCUYKkr5IXpGZbwFen9QhMW5Knbm +59dH7LfpOzv+ID4gZ/aew21ldb5PFTBXZuesVZW8VCW6ddLtbbLNaRCkMuvjDHYIPh7nigN2LhrQ +Zt9koo0LwqrO6JAc0XcB96E3f2td2FHdIzwOS/IbzLPX6lXA</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIERMR+4zANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw +DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD +VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzE0MDE1NVoXDTI3MDExMTE0 +MDE1NVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r +bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93 +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuHjYqu6jUCbj6JVxVlnnTa2qEwTsTn +r5VUd5DT/++72+aCbx0RuzW7bR5hihEk91J+A3uA4NVTmZbKY8xqM1ALXHf3lyDDsA1eRyUk9Han +9/tct9VHwryDscQtUhJt672s85cq65oHVBRrPoCRBoGqcTMCUHBrUGDOOKW862NzlxxX9RH6JKhN +DqspuO5XYgYEaJfMagZSPQKdyko0Z18TIA3cKWautLIFkg/MbFn2C6sLutd6tLD0iBPd/fZ0j/wy +9QM300eRLHK5HuVsaphCeNuOPJuTMHLNTqJ6dRTLnAa2IQv8cszd3cuytMtgsU347IcyplK5uYNC +9Qz/El8CAwEAAaMhMB8wHQYDVR0OBBYEFICz8BXR9dOGx9j4DmL6qCSRh/dhMA0GCSqGSIb3DQEB +CwUAA4IBAQBl1nw8qeEE3otWHJY1hNwmJiebvNQQWjFq16woCo6MBJI+lxCOwaJ+V+yefMBt6PQq +x/hzgQMUoHaBjKFOsDUnf6DT27szdp3hkrOZsedBEKOkQLVxHGdHcvqkm2eQn3ZEJxyQJzViZNw3 +0xL/fZA8piBCzBp5sjdAK0xUk1PxIzXR/x/cn7KbnSwbL8utPCUYKkr5IXpGZbwFen9QhMW5Knbm +59dH7LfpOzv+ID4gZ/aew21ldb5PFTBXZuesVZW8VCW6ddLtbbLNaRCkMuvjDHYIPh7nigN2LhrQ +Zt9koo0LwqrO6JAc0XcB96E3f2td2FHdIzwOS/IbzLPX6lXA</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3.ladok.umu.se:8443/jenkins/securityRealm/finishLogin" index="0"/> + </md:SPSSODescriptor> + <md:ContactPerson contactType="administrative"> + <md:Company>ITS, Umea universitet</md:Company> + <md:SurName>Fredrik Domeij</md:SurName> + <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="technical"> + <md:Company>ITS, Umea universitet</md:Company> + <md:SurName>Fredrik Domeij</md:SurName> + <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="support"> + <md:Company>ITS, Umea universitet</md:Company> + <md:SurName>Fredrik Domeij</md:SurName> + <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml b/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml index 9bfc1afd..747ff281 100644 --- a/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml +++ b/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml @@ -88,7 +88,6 @@ L8JKymQ3TDk/0a+t4y/ARC9bJ0ttOPY4K7WD21ddd0/xlz/AvA2g/f1Amlf0DC3T <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/NIM/POST"/> <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/NIM/Artifact"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/POST" index="1"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML/POST" index="5"/> diff --git a/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml b/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml index eb7a6980..6bb5c3b9 100644 --- a/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml +++ b/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml @@ -79,7 +79,6 @@ V++yEkt5n8e8BoA3PHj5/MSgzEqPnlNRMhTX5QYW4TYy23uQaXVwybYPSw== <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest1.education.lu.se/Shibboleth.sso/NIM/POST"/> <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest1.education.lu.se/Shibboleth.sso/NIM/Artifact"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/> diff --git a/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml b/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml index f6c55379..6254f6cb 100644 --- a/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml +++ b/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml @@ -79,7 +79,6 @@ V++yEkt5n8e8BoA3PHj5/MSgzEqPnlNRMhTX5QYW4TYy23uQaXVwybYPSw== <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest2.education.lu.se/Shibboleth.sso/NIM/POST"/> <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest2.education.lu.se/Shibboleth.sso/NIM/Artifact"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/> diff --git a/swamid-2.0/test.account.hj.se-adfs-services-trust.xml b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml new file mode 100644 index 00000000..281515cd --- /dev/null +++ b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml @@ -0,0 +1,785 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://test.account.hj.se/adfs/services/trust"> + <Extensions> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </Extensions> + <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University"> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <fed:ClaimTypesRequested> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true"> + <auth:DisplayName>E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true"> + <auth:DisplayName>Given Name</auth:DisplayName> + <auth:Description>The given name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true"> + <auth:DisplayName>Name</auth:DisplayName> + <auth:Description>The unique name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true"> + <auth:DisplayName>UPN</auth:DisplayName> + <auth:Description>The user principal name (UPN) of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true"> + <auth:DisplayName>Common Name</auth:DisplayName> + <auth:Description>The common name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true"> + <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true"> + <auth:DisplayName>Group</auth:DisplayName> + <auth:Description>A group that the user is a member of</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true"> + <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName> + <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true"> + <auth:DisplayName>Role</auth:DisplayName> + <auth:Description>A role that the user has</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true"> + <auth:DisplayName>Surname</auth:DisplayName> + <auth:Description>The surname of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true"> + <auth:DisplayName>PPID</auth:DisplayName> + <auth:Description>The private identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true"> + <auth:DisplayName>Name ID</auth:DisplayName> + <auth:Description>The SAML name identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true"> + <auth:DisplayName>Authentication time stamp</auth:DisplayName> + <auth:Description>Used to display the time and date that the user was authenticated</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true"> + <auth:DisplayName>Authentication method</auth:DisplayName> + <auth:Description>The method used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true"> + <auth:DisplayName>Deny only group SID</auth:DisplayName> + <auth:Description>The deny-only group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true"> + <auth:DisplayName>Deny only primary SID</auth:DisplayName> + <auth:Description>The deny-only primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true"> + <auth:DisplayName>Deny only primary group SID</auth:DisplayName> + <auth:Description>The deny-only primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true"> + <auth:DisplayName>Group SID</auth:DisplayName> + <auth:Description>The group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true"> + <auth:DisplayName>Primary group SID</auth:DisplayName> + <auth:Description>The primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true"> + <auth:DisplayName>Primary SID</auth:DisplayName> + <auth:Description>The primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true"> + <auth:DisplayName>Windows account name</auth:DisplayName> + <auth:Description>The domain account name of the user in the form of domain\user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true"> + <auth:DisplayName>Is Registered User</auth:DisplayName> + <auth:Description>User is registered to use this device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true"> + <auth:DisplayName>Device Identifier</auth:DisplayName> + <auth:Description>Identifier of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true"> + <auth:DisplayName>Device Registration Identifier</auth:DisplayName> + <auth:Description>Identifier for Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true"> + <auth:DisplayName>Device Registration DisplayName</auth:DisplayName> + <auth:Description>Display name of Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true"> + <auth:DisplayName>Device OS type</auth:DisplayName> + <auth:Description>OS type of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true"> + <auth:DisplayName>Device OS Version</auth:DisplayName> + <auth:Description>OS version of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true"> + <auth:DisplayName>Is Managed Device</auth:DisplayName> + <auth:Description>Device is managed by a management service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true"> + <auth:DisplayName>Forwarded Client IP</auth:DisplayName> + <auth:Description>IP address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true"> + <auth:DisplayName>Client Application</auth:DisplayName> + <auth:Description>Type of the Client Application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true"> + <auth:DisplayName>Client User Agent</auth:DisplayName> + <auth:Description>Device type the client is using to access the application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true"> + <auth:DisplayName>Client IP</auth:DisplayName> + <auth:Description>IP address of the client</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true"> + <auth:DisplayName>Endpoint Path</auth:DisplayName> + <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true"> + <auth:DisplayName>Proxy</auth:DisplayName> + <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true"> + <auth:DisplayName>Application Identifier</auth:DisplayName> + <auth:Description>Identifier for the Relying Party</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true"> + <auth:DisplayName>Application policies</auth:DisplayName> + <auth:Description>Application policies of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true"> + <auth:DisplayName>Authority Key Identifier</auth:DisplayName> + <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true"> + <auth:DisplayName>Basic Constraint</auth:DisplayName> + <auth:Description>One of the basic constraints of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true"> + <auth:DisplayName>Enhanced Key Usage</auth:DisplayName> + <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true"> + <auth:DisplayName>Issuer</auth:DisplayName> + <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true"> + <auth:DisplayName>Issuer Name</auth:DisplayName> + <auth:Description>The distinguished name of the certificate issuer</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true"> + <auth:DisplayName>Key Usage</auth:DisplayName> + <auth:Description>One of the key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true"> + <auth:DisplayName>Not After</auth:DisplayName> + <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true"> + <auth:DisplayName>Not Before</auth:DisplayName> + <auth:Description>The date in local time on which a certificate becomes valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true"> + <auth:DisplayName>Certificate Policies</auth:DisplayName> + <auth:Description>The policies under which the certificate has been issued</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true"> + <auth:DisplayName>Public Key</auth:DisplayName> + <auth:Description>Public Key of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true"> + <auth:DisplayName>Certificate Raw Data</auth:DisplayName> + <auth:Description>The raw data of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true"> + <auth:DisplayName>Subject Alternative Name</auth:DisplayName> + <auth:Description>One of the alternative names of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true"> + <auth:DisplayName>Serial Number</auth:DisplayName> + <auth:Description>The serial number of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true"> + <auth:DisplayName>Signature Algorithm</auth:DisplayName> + <auth:Description>The algorithm used to create the signature of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true"> + <auth:DisplayName>Subject</auth:DisplayName> + <auth:Description>The subject from the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true"> + <auth:DisplayName>Subject Key Identifier</auth:DisplayName> + <auth:Description>Describes the subject key identifier of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true"> + <auth:DisplayName>Subject Name</auth:DisplayName> + <auth:Description>The subject distinguished name from a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true"> + <auth:DisplayName>V2 Template Name</auth:DisplayName> + <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true"> + <auth:DisplayName>V1 Template Name</auth:DisplayName> + <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true"> + <auth:DisplayName>Thumbprint</auth:DisplayName> + <auth:Description>Thumbprint of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true"> + <auth:DisplayName>X.509 Version</auth:DisplayName> + <auth:Description>The X.509 format version of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true"> + <auth:DisplayName>Inside Corporate Network</auth:DisplayName> + <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true"> + <auth:DisplayName>Password Expiration Time</auth:DisplayName> + <auth:Description>Used to display the time when the password expires</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true"> + <auth:DisplayName>Password Expiration Days</auth:DisplayName> + <auth:Description>Used to display the number of days to password expiry</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true"> + <auth:DisplayName>Update Password URL</auth:DisplayName> + <auth:Description>Used to display the web address of update password service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true"> + <auth:DisplayName>Authentication Methods References</auth:DisplayName> + <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true"> + <auth:DisplayName>Client Request ID</auth:DisplayName> + <auth:Description>Identifier for a user session</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true"> + <auth:DisplayName>JU National civic registration number or code</auth:DisplayName> + <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true"> + <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName> + <auth:Description>SWAMID personnummer 12 tecken</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true"> + <auth:DisplayName>JU givenName</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true"> + <auth:DisplayName>JU surName</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true"> + <auth:DisplayName>JU Assurance-Certification</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true"> + <auth:DisplayName>JU orcid</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true"> + <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true"> + <auth:DisplayName>JU displayName</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true"> + <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName> + </auth:ClaimType> + </fed:ClaimTypesRequested> + <fed:TargetScopes> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/ls/</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>http://test.account.hj.se/adfs/services/trust</Address> + </EndpointReference> + </fed:TargetScopes> + <fed:ApplicationServiceEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address> + </EndpointReference> + </fed:ApplicationServiceEndpoint> + <fed:PassiveRequestorEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/ls/</Address> + </EndpointReference> + </fed:PassiveRequestorEndpoint> + </RoleDescriptor> + <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University"> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <fed:TokenTypesOffered> + <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/> + <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/> + </fed:TokenTypesOffered> + <fed:ClaimTypesOffered> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true"> + <auth:DisplayName>E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true"> + <auth:DisplayName>Given Name</auth:DisplayName> + <auth:Description>The given name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true"> + <auth:DisplayName>Name</auth:DisplayName> + <auth:Description>The unique name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true"> + <auth:DisplayName>UPN</auth:DisplayName> + <auth:Description>The user principal name (UPN) of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true"> + <auth:DisplayName>Common Name</auth:DisplayName> + <auth:Description>The common name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true"> + <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true"> + <auth:DisplayName>Group</auth:DisplayName> + <auth:Description>A group that the user is a member of</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true"> + <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName> + <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true"> + <auth:DisplayName>Role</auth:DisplayName> + <auth:Description>A role that the user has</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true"> + <auth:DisplayName>Surname</auth:DisplayName> + <auth:Description>The surname of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true"> + <auth:DisplayName>PPID</auth:DisplayName> + <auth:Description>The private identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true"> + <auth:DisplayName>Name ID</auth:DisplayName> + <auth:Description>The SAML name identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true"> + <auth:DisplayName>Authentication time stamp</auth:DisplayName> + <auth:Description>Used to display the time and date that the user was authenticated</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true"> + <auth:DisplayName>Authentication method</auth:DisplayName> + <auth:Description>The method used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true"> + <auth:DisplayName>Deny only group SID</auth:DisplayName> + <auth:Description>The deny-only group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true"> + <auth:DisplayName>Deny only primary SID</auth:DisplayName> + <auth:Description>The deny-only primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true"> + <auth:DisplayName>Deny only primary group SID</auth:DisplayName> + <auth:Description>The deny-only primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true"> + <auth:DisplayName>Group SID</auth:DisplayName> + <auth:Description>The group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true"> + <auth:DisplayName>Primary group SID</auth:DisplayName> + <auth:Description>The primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true"> + <auth:DisplayName>Primary SID</auth:DisplayName> + <auth:Description>The primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true"> + <auth:DisplayName>Windows account name</auth:DisplayName> + <auth:Description>The domain account name of the user in the form of domain\user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true"> + <auth:DisplayName>Is Registered User</auth:DisplayName> + <auth:Description>User is registered to use this device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true"> + <auth:DisplayName>Device Identifier</auth:DisplayName> + <auth:Description>Identifier of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true"> + <auth:DisplayName>Device Registration Identifier</auth:DisplayName> + <auth:Description>Identifier for Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true"> + <auth:DisplayName>Device Registration DisplayName</auth:DisplayName> + <auth:Description>Display name of Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true"> + <auth:DisplayName>Device OS type</auth:DisplayName> + <auth:Description>OS type of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true"> + <auth:DisplayName>Device OS Version</auth:DisplayName> + <auth:Description>OS version of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true"> + <auth:DisplayName>Is Managed Device</auth:DisplayName> + <auth:Description>Device is managed by a management service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true"> + <auth:DisplayName>Forwarded Client IP</auth:DisplayName> + <auth:Description>IP address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true"> + <auth:DisplayName>Client Application</auth:DisplayName> + <auth:Description>Type of the Client Application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true"> + <auth:DisplayName>Client User Agent</auth:DisplayName> + <auth:Description>Device type the client is using to access the application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true"> + <auth:DisplayName>Client IP</auth:DisplayName> + <auth:Description>IP address of the client</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true"> + <auth:DisplayName>Endpoint Path</auth:DisplayName> + <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true"> + <auth:DisplayName>Proxy</auth:DisplayName> + <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true"> + <auth:DisplayName>Application Identifier</auth:DisplayName> + <auth:Description>Identifier for the Relying Party</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true"> + <auth:DisplayName>Application policies</auth:DisplayName> + <auth:Description>Application policies of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true"> + <auth:DisplayName>Authority Key Identifier</auth:DisplayName> + <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true"> + <auth:DisplayName>Basic Constraint</auth:DisplayName> + <auth:Description>One of the basic constraints of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true"> + <auth:DisplayName>Enhanced Key Usage</auth:DisplayName> + <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true"> + <auth:DisplayName>Issuer</auth:DisplayName> + <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true"> + <auth:DisplayName>Issuer Name</auth:DisplayName> + <auth:Description>The distinguished name of the certificate issuer</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true"> + <auth:DisplayName>Key Usage</auth:DisplayName> + <auth:Description>One of the key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true"> + <auth:DisplayName>Not After</auth:DisplayName> + <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true"> + <auth:DisplayName>Not Before</auth:DisplayName> + <auth:Description>The date in local time on which a certificate becomes valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true"> + <auth:DisplayName>Certificate Policies</auth:DisplayName> + <auth:Description>The policies under which the certificate has been issued</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true"> + <auth:DisplayName>Public Key</auth:DisplayName> + <auth:Description>Public Key of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true"> + <auth:DisplayName>Certificate Raw Data</auth:DisplayName> + <auth:Description>The raw data of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true"> + <auth:DisplayName>Subject Alternative Name</auth:DisplayName> + <auth:Description>One of the alternative names of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true"> + <auth:DisplayName>Serial Number</auth:DisplayName> + <auth:Description>The serial number of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true"> + <auth:DisplayName>Signature Algorithm</auth:DisplayName> + <auth:Description>The algorithm used to create the signature of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true"> + <auth:DisplayName>Subject</auth:DisplayName> + <auth:Description>The subject from the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true"> + <auth:DisplayName>Subject Key Identifier</auth:DisplayName> + <auth:Description>Describes the subject key identifier of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true"> + <auth:DisplayName>Subject Name</auth:DisplayName> + <auth:Description>The subject distinguished name from a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true"> + <auth:DisplayName>V2 Template Name</auth:DisplayName> + <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true"> + <auth:DisplayName>V1 Template Name</auth:DisplayName> + <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true"> + <auth:DisplayName>Thumbprint</auth:DisplayName> + <auth:Description>Thumbprint of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true"> + <auth:DisplayName>X.509 Version</auth:DisplayName> + <auth:Description>The X.509 format version of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true"> + <auth:DisplayName>Inside Corporate Network</auth:DisplayName> + <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true"> + <auth:DisplayName>Password Expiration Time</auth:DisplayName> + <auth:Description>Used to display the time when the password expires</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true"> + <auth:DisplayName>Password Expiration Days</auth:DisplayName> + <auth:Description>Used to display the number of days to password expiry</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true"> + <auth:DisplayName>Update Password URL</auth:DisplayName> + <auth:Description>Used to display the web address of update password service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true"> + <auth:DisplayName>Authentication Methods References</auth:DisplayName> + <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true"> + <auth:DisplayName>Client Request ID</auth:DisplayName> + <auth:Description>Identifier for a user session</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true"> + <auth:DisplayName>JU National civic registration number or code</auth:DisplayName> + <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true"> + <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName> + <auth:Description>SWAMID personnummer 12 tecken</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true"> + <auth:DisplayName>JU givenName</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true"> + <auth:DisplayName>JU surName</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true"> + <auth:DisplayName>JU Assurance-Certification</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true"> + <auth:DisplayName>JU orcid</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true"> + <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true"> + <auth:DisplayName>JU displayName</auth:DisplayName> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true"> + <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName> + </auth:ClaimType> + </fed:ClaimTypesOffered> + <fed:SecurityTokenServiceEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/services/trust/2005/certificatemixed</Address> + <Metadata> + <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"> + <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex"> + <wsx:MetadataReference> + <Address xmlns="http://www.w3.org/2005/08/addressing">https://test.account.hj.se/adfs/services/trust/mex</Address> + </wsx:MetadataReference> + </wsx:MetadataSection> + </Metadata> + </Metadata> + </EndpointReference> + </fed:SecurityTokenServiceEndpoint> + <fed:PassiveRequestorEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://test.account.hj.se/adfs/ls/</Address> + </EndpointReference> + </fed:PassiveRequestorEndpoint> + </RoleDescriptor> + <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Jönköping University - Test för kontohantering</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Jönköping University - Account management test</mdui:DisplayName> + <mdui:Description xml:lang="sv">Denna applikation används som test för kontohantering.</mdui:Description> + <mdui:Description xml:lang="en">This service is used for account management test.</mdui:Description> + <mdui:InformationURL xml:lang="sv">http://ju.se/it-helpdesk/faq---manualer/mitt-anvandarkonto.html</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://ju.se/en/it-helpdesk/ju-faq---manuals/my-user-account.html</mdui:InformationURL> + <mdui:Logo height="21" width="187" xml:lang="sv">https://test.account.hj.se/logo.png</mdui:Logo> + <mdui:Logo height="21" width="187" xml:lang="en">https://test.account.hj.se/logo.png</mdui:Logo> + </mdui:UIInfo> + </Extensions> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/> + <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/" index="0" isDefault="true"/> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test.account.hj.se/adfs/ls/" index="1"/> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/" index="2"/> + </SPSSODescriptor> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/> + <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU National civic registration number or code"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU norEduPersonNIN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU givenName"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU surName"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU Assurance-Certification"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU orcid"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonAssurance"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU displayName"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonTargetedID"/> + </IDPSSODescriptor> + <ContactPerson contactType="technical"> + <GivenName>Joakim</GivenName> + <SurName>Danielsson</SurName> + <EmailAddress>joakim.danielsson@ju.se</EmailAddress> + </ContactPerson> +</EntityDescriptor> diff --git a/swamid-2.0/video.nordu.net.xml b/swamid-2.0/video.nordu.net.xml new file mode 100644 index 00000000..d7b19d20 --- /dev/null +++ b/swamid-2.0/video.nordu.net.xml @@ -0,0 +1,39 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://video.nordu.net"> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">NORDUnet MediaSpace</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">NORDUnet MediaSpace</mdui:DisplayName> + <mdui:Description xml:lang="sv">Tjänst för NORDUnet video</mdui:Description> + <mdui:Description xml:lang="en">Service for video.nordu.net</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDkTCCAnmgAwIBAgIJAOK6B5mN4wdxMA0GCSqGSIb3DQEBCwUAMDkxCzAJBgNVBAYTAkRLMRMwEQYDVQQIEwpTb21lLVN0YXRlMRUwEwYDVQQKEwxOT1JEVW5ldCBBL1MwHhcNMTUwOTE0MTEyODE2WhcNMjUwOTEzMTEyODE2WjA5MQswCQYDVQQGEwJESzETMBEGA1UECBMKU29tZS1TdGF0ZTEVMBMGA1UEChMMTk9SRFVuZXQgQS9TMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPvotlyn9c6a/l16joFMoCBmoOjIBw9W+F/G8bug4Gn3M2UNJp27y/Wtj+FHs2xAjR2OsmiEukjjX/qAk/v089zKYOPdORYZB3Oq18EWf3w/JdA7pwiD+zGgqxkZ52NSD86c+6L/iIkQsxZR/U7o6V/m/Q8uvaWyYvcIh7gcmsMcvNn4IQU8fUEnPWVMFeZttu06y9/rz/px+OpwvNPJX4Q/ywE62XthOfkL+cUW8ew9JXKtmlNyxDssiUMvTqEdfHuQgwd6BtlAcL8qFw224YL/B5oZff7ZXy5XRkRNMPDCvee+1IVbkmXnpluNQlstm/NTmEwzQqFy+163mY7JewIDAQABo4GbMIGYMB0GA1UdDgQWBBRu5x77k1+Q2a63tohN2DMc+8tKJTBpBgNVHSMEYjBggBRu5x77k1+Q2a63tohN2DMc+8tKJaE9pDswOTELMAkGA1UEBhMCREsxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDE5PUkRVbmV0IEEvU4IJAOK6B5mN4wdxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALEtmyFQJvoaR1tu/cEch8bpzTSv04Wt38nk5sCHzz2ohwfUtHv/60jKVFkN1aDO4RiX7UhDo+mQ4prrKk3GWfOSz6R/e7oqgAkh27K4ZrDRlODiamuNmkTXcRLRG8mFuKGDw4ecZgShJEFfGDwoutn+Lk/A7aMDotISNTBYTPU4TseotinZW/rSZdjVmeC9mDFSQiwYvyjDae7ueaN19V1xm8qgfs5DgrtOkX36nvuwK/KUMGO78fJUTAxGSEPTMZwUg9vD9CBfPJGiDfTEkvTYdMQO3AgRvnulGtD88mLfhokHOXVZXLF8S1q+C40k6/kvHKcVooF5zkoIaCNFAOI=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDkTCCAnmgAwIBAgIJAOK6B5mN4wdxMA0GCSqGSIb3DQEBCwUAMDkxCzAJBgNVBAYTAkRLMRMwEQYDVQQIEwpTb21lLVN0YXRlMRUwEwYDVQQKEwxOT1JEVW5ldCBBL1MwHhcNMTUwOTE0MTEyODE2WhcNMjUwOTEzMTEyODE2WjA5MQswCQYDVQQGEwJESzETMBEGA1UECBMKU29tZS1TdGF0ZTEVMBMGA1UEChMMTk9SRFVuZXQgQS9TMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPvotlyn9c6a/l16joFMoCBmoOjIBw9W+F/G8bug4Gn3M2UNJp27y/Wtj+FHs2xAjR2OsmiEukjjX/qAk/v089zKYOPdORYZB3Oq18EWf3w/JdA7pwiD+zGgqxkZ52NSD86c+6L/iIkQsxZR/U7o6V/m/Q8uvaWyYvcIh7gcmsMcvNn4IQU8fUEnPWVMFeZttu06y9/rz/px+OpwvNPJX4Q/ywE62XthOfkL+cUW8ew9JXKtmlNyxDssiUMvTqEdfHuQgwd6BtlAcL8qFw224YL/B5oZff7ZXy5XRkRNMPDCvee+1IVbkmXnpluNQlstm/NTmEwzQqFy+163mY7JewIDAQABo4GbMIGYMB0GA1UdDgQWBBRu5x77k1+Q2a63tohN2DMc+8tKJTBpBgNVHSMEYjBggBRu5x77k1+Q2a63tohN2DMc+8tKJaE9pDswOTELMAkGA1UEBhMCREsxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDE5PUkRVbmV0IEEvU4IJAOK6B5mN4wdxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALEtmyFQJvoaR1tu/cEch8bpzTSv04Wt38nk5sCHzz2ohwfUtHv/60jKVFkN1aDO4RiX7UhDo+mQ4prrKk3GWfOSz6R/e7oqgAkh27K4ZrDRlODiamuNmkTXcRLRG8mFuKGDw4ecZgShJEFfGDwoutn+Lk/A7aMDotISNTBYTPU4TseotinZW/rSZdjVmeC9mDFSQiwYvyjDae7ueaN19V1xm8qgfs5DgrtOkX36nvuwK/KUMGO78fJUTAxGSEPTMZwUg9vD9CBfPJGiDfTEkvTYdMQO3AgRvnulGtD88mLfhokHOXVZXLF8S1q+C40k6/kvHKcVooF5zkoIaCNFAOI=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://video.nordu.net/user/logout"/> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://video.nordu.net/user/authenticate" index="0"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">NORDUnet MediaSpace</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">NORDUnet MediaSpace</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">https://video.nordu.net</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:SurName>NORDUnet</md:SurName> + <md:EmailAddress>mailto:kaltura@nordu.net</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/www.scalable-learning.com.xml b/swamid-2.0/www.scalable-learning.com.xml index 13ef698f..51bdba8b 100644 --- a/swamid-2.0/www.scalable-learning.com.xml +++ b/swamid-2.0/www.scalable-learning.com.xml @@ -17,7 +17,7 @@ <mdui:Description xml:lang="sv">Plattform för stöd av "flipped classroom" utbildning.</mdui:Description> <mdui:InformationURL xml:lang="en">http://www.scalable-learning.com/home/about</mdui:InformationURL> <mdui:PrivacyStatementURL xml:lang="en">https://www.scalable-learning.com/#/privacy</mdui:PrivacyStatementURL> - <mdui:Logo height="100" width="100">https://www.scalable-learning.com/assets/logo-a66e557f3f93b4d5195033ba1a1527a3.png</mdui:Logo> + <mdui:Logo xml:lang="en" height="100" width="100">https://www.scalable-learning.com/assets/logo-a66e557f3f93b4d5195033ba1a1527a3.png</mdui:Logo> </mdui:UIInfo> </md:Extensions> <md:KeyDescriptor> diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml index dfd43b0a..9575a644 100644 --- a/swamid-sp-2.0.mxml +++ b/swamid-sp-2.0.mxml @@ -629,4 +629,9 @@ <xi:include href="swamid-2.0/emrex-test.its.umu.se-shibboleth.xml"/> <xi:include href="swamid-2.0/medlem.linnestudenterna.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml"/> <xi:include href="swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml"/> + <xi:include href="swamid-2.0/video.nordu.net.xml"/> + <xi:include href="swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml"/> + <xi:include href="swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml"/> + <xi:include href="swamid-2.0/test.account.hj.se-adfs-services-trust.xml"/> + <xi:include href="swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml"/> </md:EntitiesDescriptor> |