authorLeif Johansson <leifj@sunet.se>2018-08-03 11:03:57 +0200
committerLeif Johansson <leifj@sunet.se>2018-08-03 11:03:57 +0200
commitf7f8475a7a202d354feba820e2fef13c29180964 (patch)
tree836ee5d343f78679d4f59b23f60d65d557893858
parenteaf45d80778e5363b6cd5145fbdc42ec21493c94 (diff)
parent3be53e9a2d853e9373809fa7b89806d2cda42fa7 (diff)
Merge branch 'master' of git.swamid.se:swamid-metadata
-rw-r--r--Makefile10
-rw-r--r--swamid-2.0/337-mediaspace.kaltura.nordu.net.xml47
-rw-r--r--swamid-2.0/acs-ra21.mnt.se-shibboleth.xml14
-rw-r--r--swamid-2.0/adfs.ju.se-adfs-services-trust.xml645
-rw-r--r--swamid-2.0/adfs.rkh.se-adfs-services-trust.xml665
-rw-r--r--swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml651
-rw-r--r--swamid-2.0/adfs.test.umu.se-adfs-services-trust.xml99
-rw-r--r--swamid-2.0/adfs.umu.se-adfs-services-trust.xml676
-rw-r--r--swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml108
-rw-r--r--swamid-2.0/adfs2.gu.se-adfs-services-trust.xml642
-rw-r--r--swamid-2.0/app.sh.se.xml55
-rw-r--r--swamid-2.0/aqtest.port.se-shibboleth.xml17
-rw-r--r--swamid-2.0/auth.asiaportal.info.xml5
-rw-r--r--swamid-2.0/dev-us.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/dev.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/flax.nettst.chalmers.se-adfs-services-trust.xml288
-rw-r--r--swamid-2.0/graylog.nordu.net-shibboleth.xml10
-rw-r--r--swamid-2.0/hhs-se.zoom.us.xml59
-rw-r--r--swamid-2.0/hkrplay.hkr.se.xml50
-rw-r--r--swamid-2.0/id.statenssc.se-adfs-services-trust.xml647
-rw-r--r--swamid-2.0/idp-fre-1.eduid.se-idp.xml75
-rw-r--r--swamid-2.0/idp-test.it.su.se.xml120
-rw-r--r--swamid-2.0/idp-test.suni.se-adfs-services-trust.xml162
-rw-r--r--swamid-2.0/idp-v2.konstfack.se-adfs-services-trust.xml683
-rw-r--r--swamid-2.0/idp-v2.suni.se-adfs-services-trust.xml666
-rw-r--r--swamid-2.0/idp.chalmers.se-adfs-services-trust.xml301
-rw-r--r--swamid-2.0/idp.dev.eduid.se-idp.xml.xml14
-rw-r--r--swamid-2.0/idp.it.su.se-idp-shibboleth.xml4
-rw-r--r--swamid-2.0/idp2.it.gu.se-idp-shibboleth.xml8
-rw-r--r--swamid-2.0/indico.test.uu.se-shibboleth.xml120
-rw-r--r--swamid-2.0/itslearning.com.xml122
-rw-r--r--swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml12
-rw-r--r--swamid-2.0/kauplay.kau.se.xml48
-rw-r--r--swamid-2.0/local.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/login.temp1235.hhs.se-adfs-services-trust.xml660
-rw-r--r--swamid-2.0/login1.fhs.se-adfs-services-trust.xml29
-rw-r--r--swamid-2.0/lubcat.lub.lu.se-shibboleth.xml101
-rw-r--r--swamid-2.0/medlem.consensus.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml45
-rw-r--r--swamid-2.0/medlem.gotastudentkar.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml45
-rw-r--r--swamid-2.0/medlem.lintek.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml45
-rw-r--r--swamid-2.0/medlem.stuff.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml45
-rw-r--r--swamid-2.0/openexam.bmc.uu.se-simplesaml.xml34
-rw-r--r--swamid-2.0/pilot.idp.eduid.se-idp.xml82
-rw-r--r--swamid-2.0/play.ju.se.xml50
-rw-r--r--swamid-2.0/play.kau.se.xml4
-rw-r--r--swamid-2.0/play.mau.se.xml47
-rw-r--r--swamid-2.0/play.sh.se.xml5
-rw-r--r--swamid-2.0/play.shh.se.xml48
-rw-r--r--swamid-2.0/prestaging.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/proquest-ra21.mnt.se-shibboleth.xml14
-rw-r--r--swamid-2.0/ra.se-leg.se-shibboleth.xml53
-rw-r--r--swamid-2.0/scalear-staging2.herokuapp.com.xml42
-rw-r--r--swamid-2.0/sciencedirect-ra21.mnt.se-shibboleth.xml14
-rw-r--r--swamid-2.0/secure.urkund.com-shibboleth.xml8
-rw-r--r--swamid-2.0/staging-us.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/staging.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/swamid-2.grandid.com-module.php-saml-sp-metadata.php-gu-swamid-draftit.xml43
-rw-r--r--swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml614
-rw-r--r--swamid-2.0/test-lubcat.lub.lu.se-shibboleth.xml106
-rw-r--r--swamid-2.0/test.account.hj.se-adfs-services-trust.xml637
-rw-r--r--swamid-2.0/test.scalable-learning.com.xml39
-rw-r--r--swamid-2.0/testidpv3.lu.se-idp-shibboleth.xml130
-rw-r--r--swamid-2.0/tsidp1.test.bth.se-idp-shibboleth.xml234
-rw-r--r--swamid-2.0/us.cloudmore.com-shibboleth.xml2
-rw-r--r--swamid-2.0/weblogin.kau.se-idp-shibboleth.xml4
-rw-r--r--swamid-2.0/webproxysrv.uniarts.se-adfs-services-trust.xml692
-rw-r--r--swamid-2.0/www.itslearning.com-integrations-samlmetadata-saml2v2-extensions-1.xml134
-rw-r--r--swamid-2.0/www.mediafora.net-simplesaml-module.php-saml-sp-metadata.php-media-network-sp.xml5
-rw-r--r--swamid-2.0/www.scalable-learning.com.xml38
-rw-r--r--swamid-idp-2.0.mxml2
-rw-r--r--swamid-sp-2.0.mxml18
-rw-r--r--swamid-testing-idp-1.0.mxml8
-rw-r--r--swamid-testing-sp-1.0.mxml1
73 files changed, 1787 insertions, 9326 deletions
diff --git a/Makefile b/Makefile
index d8655da6..157dc05f 100644
--- a/Makefile
+++ b/Makefile
@@ -206,7 +206,7 @@ testEntCat:
@echo "Checking for wrong AttributeValue in EntityAttributes/Attribute http://www.swamid.se/assurance-requirement"
@for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "http://www.swamid.se/assurance-requirement"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="http://www.swamid.se/assurance-requirement"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">http://www.swamid.se/policy/assurance/al1<|>http://www.swamid.se/policy/assurance/al2<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
@echo "Checking for wrong AttributeValue in EntityAttributes/Attribute urn:oasis:names:tc:SAML:attribute:assurance-certification"
- @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "urn:oasis:names:tc:SAML:attribute:assurance-certification"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="urn:oasis:names:tc:SAML:attribute:assurance-certification"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">https://refeds.org/sirtfi<|>http://www.swamid.se/policy/assurance/al1<|>http://www.swamid.se/policy/assurance/al2<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
+ @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l "urn:oasis:names:tc:SAML:attribute:assurance-certification"` ; do if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath '/EntityDescriptor/Extensions/EntityAttributes/Attribute[attribute::Name="urn:oasis:names:tc:SAML:attribute:assurance-certification"]' - 2>/dev/null | grep "AttributeValue" | egrep -v ">https://refeds.org/sirtfi<|>http://www.swamid.se/policy/assurance/al1<|>http://www.swamid.se/policy/assurance/al2<|>http://www.swamid.se/policy/authentication/swamid-al2-mfa<|>http://www.swamid.se/policy/authentication/swamid-al2-mfa-hi<" ; then echo " $$x" | sed 's/.*/&/' ; fi ; done | grep . && exit 1 || true
testSimpleSign:
@echo "Check for new SP:s with SimpleSign (breaks ADFS IdP:s with Shib SP 2.5+)"
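Review bot: The changed `testEntCat` line still sends xmllint's errors to `2>/dev/null`, so a file that xmllint cannot parse after the two `sed` passes yields no `AttributeValue` lines and passes the assurance-certification check silently, unless another target catches it. The extended `egrep -v` allow-list also leaves every `.` unescaped, so it accepts values that only resemble the listed URIs. A fixed-string filter closes that slack, for example `grep -Fv -e '>https://refeds.org/sirtfi<' -e '>http://www.swamid.se/policy/authentication/swamid-al2-mfa<'` with one `-e` per allowed value. The `testEntCat` recipe begins above this hunk.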
@@ -226,17 +226,17 @@ testRoleDescriptor:
@for x in `find $(SRCDIRS) -name \*.xml`; do \
grep -EH 'RoleDescriptor.*xsi:type="fed:(ApplicationServiceType|SecurityTokenServiceType)"' $$x | \
sed -e 's/^/ /' -e 's/xmlns.*xsi:type="fed:/xsi:type="fed:/' -e 's/ protocol.*>/>/' -e 's/.*/&/' ; \
- done | grep . && echo "Please remove"
+ done | grep . && exit 1 || exit 0
testAttributeInIdP:
@echo "Check for Attribute inside IDPSSODescriptor"
@for x in `find $(SRCDIRS) -name \*.xml`; do \
- if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor" - 2>/dev/null | grep -q " <Attribute" ; then \
+ if cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/IDPSSODescriptor" - 2>/dev/null | grep -q " <Attribute Name" ; then \
echo " $$x" | sed 's/.*/&/' ;\
fi;\
- done | grep . && echo "Please remove this Attributes"
+ done | grep . && exit 1 || exit 0
-test: syntaxtest testMDUI testOrgData testEntCat testSimpleSign testALlevel testEduGAINchecks testRefedsRnS testGeantCoCo testMetadataUsage testBadStrings testIdPinSP
+test: syntaxtest testMDUI testOrgData testEntCat testSimpleSign testALlevel testEduGAINchecks testRefedsRnS testGeantCoCo testMetadataUsage testBadStrings testIdPinSP testRoleDescriptor testAttributeInIdP
deeptest: test testMDUIreach
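Review bot: The tightened pattern `grep -q " <Attribute Name"` in `testAttributeInIdP` matches only when the element follows a space and its first XML attribute begins with `Name`, so `<Attribute FriendlyName="..." Name="...">` or a tab-indented element passes a check that now gates `test`. The change presumably aims to stop matching `<AttributeProfile>`. Selecting the element in the XPath handles both cases: `xmllint --xpath "/EntityDescriptor/IDPSSODescriptor/Attribute" - 2>/dev/null | grep -q .`. Both loops also lose their explanatory `echo`, so a failing run prints only file names; a comment above each target, such as `# fails when any file is listed; remove the element`, would keep the intent visible. The `testRoleDescriptor` recipe starts above this hunk.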
diff --git a/swamid-2.0/337-mediaspace.kaltura.nordu.net.xml b/swamid-2.0/337-mediaspace.kaltura.nordu.net.xml
new file mode 100644
index 00000000..f57b131d
--- /dev/null
+++ b/swamid-2.0/337-mediaspace.kaltura.nordu.net.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://337-mediaspace.kaltura.nordu.net">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Blekinge Institute of Technology’s Play service</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Blekinge Tekniska Högskolas Play tjänst</mdui:DisplayName>
+ <mdui:Description xml:lang="en">Blekinge Institute of Technology’s streaming service.</mdui:Description>
+ <mdui:Description xml:lang="sv">Blekinge Tekniska Högskolas play tjänst</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://337-mediaspace.kaltura.nordu.net/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://337-mediaspace.kaltura.nordu.net/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">BTH</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">BTH</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://337-mediaspace.kaltura.nordu.net</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>saml@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
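Review bot: The entity asserts `http://refeds.org/category/research-and-scholarship`, but its `mdui:UIInfo` has no `mdui:InformationURL`, which the REFEDS R&S registration criteria expect alongside `mdui:DisplayName`. IdPs commonly release personal attributes on the strength of that category, so the registration evidence should be complete before the tag is published. Adding `<mdui:InformationURL xml:lang="en">PLACEHOLDER_INFORMATION_URL</mdui:InformationURL>` with the service's real information page would close the gap. Separately, `<md:EmailAddress>saml@media.nordu.net</md:EmailAddress>` omits the `mailto:` scheme used by the acs-ra21 entry in this same commit.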
diff --git a/swamid-2.0/acs-ra21.mnt.se-shibboleth.xml b/swamid-2.0/acs-ra21.mnt.se-shibboleth.xml
index 60ca8f11..3255d577 100644
--- a/swamid-2.0/acs-ra21.mnt.se-shibboleth.xml
+++ b/swamid-2.0/acs-ra21.mnt.se-shibboleth.xml
@@ -1,8 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
-This is example metadata only. Do *NOT* supply it as is without review,
-and do *NOT* provide it in real time to your partners.
- -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://acs-ra21.mnt.se/shibboleth">
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
@@ -77,4 +73,14 @@ PviupR4zrQB2Z3UicpQVJewfp9c8GK7wgU3HdGmqrl7DiD14XFHVVQ==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://acs-ra21.mnt.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://acs-ra21.mnt.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">The RA21 Project</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Resource Access for the 21st Century (RA21)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://ra21.org</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>SWAMID</md:GivenName>
+ <md:SurName>Operations</md:SurName>
+ <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/adfs.ju.se-adfs-services-trust.xml b/swamid-2.0/adfs.ju.se-adfs-services-trust.xml
index d3f7f85a..b23e63b6 100644
--- a/swamid-2.0/adfs.ju.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.ju.se-adfs-services-trust.xml
@@ -7,651 +7,6 @@
</samla:Attribute>
</mdattr:EntityAttributes>
</Extensions>
- <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Jönköping University">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true">
- <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true">
- <auth:DisplayName>JU displayName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true">
- <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true">
- <auth:DisplayName>JU orcid</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true">
- <auth:DisplayName>JU Assurance-Certification</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>JU surName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>JU givenName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true">
- <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName>
- <auth:Description>SWAMID personnummer 12 tecken</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>JU personalIdentityNumber</auth:DisplayName>
- <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://adfs.ju.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Jönköping University">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC0DCCAbigAwIBAgIQGbaE3+X1YYdHklQ4dW3+LTANBgkqhkiG9w0BAQsFADAkMSIwIAYDVQQDExlBREZTIFNpZ25pbmcgLSBhZGZzLmp1LnNlMB4XDTE3MDExOTEzMDc1NloXDTI3MDExNzEzMDc1NlowJDEiMCAGA1UEAxMZQURGUyBTaWduaW5nIC0gYWRmcy5qdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnc6vqVRrc+t6WRVO+xjGbrfJEBF97ebTz/3miuHuzaWVsfzVsO+u+rd7sGXOOnZJ7mwFObfcvi63D07DPOjF++3/KygobjhT1yKeWK8HPj2iM75ceHKSciSY7caLwlW+O64gex410XQTmqBvcX1BpWNZkE2oFbdob3B27j+bDlrFo631FM8luO8faVAmvV0EudpzBkmuoSDkK94VN6AWzuUqWybCY3sEiydbh+JncFxyIH6grKs+Pc3DAplMo3HphB4RyY2WIeHyreCoKgb71PWu/BLM92t7h5S5DnhvUbZBv13gP6Uq6RJgj8jlNS3ZlNNZS8NLOV2TzR3cd5LJ8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEARi0HtjfOnJeaAdAGcVY0KPulzHkGszVyvEs5QMDv5u0NI9D0U/FnEeMaqdEwGKma6YetcbQrCEoNm0cR3Z9FPs6qzahahj0uxjggX5NkP89w9PLeZnEm+prcwsCb9NVNq0dN7TtiInjOh3nA+pDzQD9E6rD4Q1zV68p8+zFa+7vW3/pUc72wN+GQD2x8LF89VbuAegGoLx1VIbcStV6s78G0HpZEWhraepBh1W2OFRZ1avKPO68wvHyhHZD2Uz6O7WIrD5nMhyuH+OUEeMX55qtD+TIIslc51+uGEeCwd9Yrbuu126oxt4duKBVpBan+P+BASVFtEMON41soGgmN/A==</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true">
- <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true">
- <auth:DisplayName>JU displayName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true">
- <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true">
- <auth:DisplayName>JU orcid</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true">
- <auth:DisplayName>JU Assurance-Certification</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>JU surName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>JU givenName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true">
- <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName>
- <auth:Description>SWAMID personnummer 12 tecken</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>JU personalIdentityNumber</auth:DisplayName>
- <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs.ju.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.ju.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
diff --git a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
index 5862a6d7..08c91918 100644
--- a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
@@ -1,607 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://adfs.rkh.se/adfs/services/trust">
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="adfs.rkh.se">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC2DCCAcCgAwIBAgIQGautI+pz9adEzsYcS8EfjjANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIEVuY3J5cHRpb24gLSBhZGZzLnJraC5zZTAeFw0xODAzMjEwNzMwMzJaFw0xOTAzMjEwNzMwMzJaMCgxJjAkBgNVBAMTHUFERlMgRW5jcnlwdGlvbiAtIGFkZnMucmtoLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNEZS8D8pFyX4ZFo/+Vbsik653WMtnH6KdnMFHrKnuOXqDoxs5S4kR9PbLD1NSqOrTYR0SLRsa0NitMTiicM5ateieUn5xcnb3bu91YJ/+EoR4TqYY/+AZR4Mi6pTqiCGTvzOxTyXxpCWJIBlTBq7OvhVTel3tx6qfcLdhOmIcafL7qLVBV8csrwbIjcWNgItiDP7XMoogut5R/z4qyjA+KJTsKX/BI3DNIWTc5HuNJb54DEXnzE8Bawl4D0tUDNm5ogXpkGirTLT6N+hQ9L87/swlbK+Dj5qTdvtXHOhltLofI9FjS0/0q4XX7gHe9jm1/FzpRp1197DzW9K/ZvgwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAifuxnEGWhesWEtO7Gfn7M53GKM68i1A883NvmrtJ88MCYRU9p+sLVFDUpaevxu9uy7blr+cSeIDP6rhJn2xddMbfGj+zo/+KO4ZOoDLzcVmkLOg0utMVKzDgo/0lFPDabQNPsb6uccQrwFYNVb/gK/u6dNVc0Sh8CUU//uBOcCiVUqXCKXV+5AhVN3JUt2x8z9b8reHQDu+WqfvNGgaMrxU3/I6WEK5DGz9/hpjoD1z9VbPmbHlsyKf8MLLAP10LeXt2NJphHOIhRqoTndzNjDYjrOwGtqXO7UsO2qlc5xRla4gtx8hFrsDAuVFqRFR3CB7rjKGmZYzCM8PIUGH4h</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://adfs.rkh.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="adfs.rkh.se">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs.rkh.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.rkh.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.rkh.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.rkh.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.rkh.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://adfs.rkh.se/adfs/ls/" index="1"/>
- </SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">rkh.se</shibmd:Scope>
@@ -636,69 +34,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.rkh.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.rkh.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Röda Korsets Högskola</OrganizationName>
diff --git a/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml b/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
index fbe8d40b..9024a6e7 100644
--- a/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
@@ -1,592 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://adfs.tad.hv.se/adfs/services/trust">
- <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceDisplayName="University West" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/CommonName">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/EmailAddress">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/Group">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/UPN">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://adfs.tad.hv.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceDisplayName="University West" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC2DCCAcCgAwIBAgIQdJ+qhazgjLJDd3jeh9VkpzANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzQ5NDhaFw0yMDEyMDIxMzQ5NDhaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR12vhcEsB93mg6pgwyQxGhZqpS8aEcCzOQwXOApH28y6RlT0qE/mowxX0fOpdBYblbxOurih4vtwx1NTe5CrXsUrpzkHP/hsOAmMGrpC0N5ybOEUegJ/Hk6wTmt7wA7nSfcsMvTUsXQZvKA+xFhCA7AjSMpF8Vv7BeU2O1IZDELU4U7P5iBls1YuMsgdFJ2Eu5LHILhfGaqSi9xkL7loYYwH3iU8MZ52CbOJLEl9uG99E3njSPq3CJ4tWZj1OkBLYf3gBBgvW3tOyYrAJWq5d1LyAh05+PNQQAKTPKHaaV9iAtUgys6M1v5XCUi1rv0nCBwl0iNQuFIiXsegaG4UQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBratRK3aI/quHmQ5fEMOaySihHaQId/26Jq4RQH0yOOhzjsQ9DSGCwwYZOefgi5G7SzQw1m6PJ7WecqT9gRPPT+IPt+KO+dnWQUNgedOZzM5Z0HXSdIUX0h5pxxTbHqExqkj9CZzKHFbiQvZBld7VcJsZW9PB7bM8lg+NAeoGBNdJACx33M59jVa+vPd2pVT5STufgIHkLkDGCqedBEQMFmyAhidVHlJO2cgieqmTjCDiO38ZYdXbwarsYrs6uxmdqUMdRwT4IVkpgyqyeQh/tN+w3QolWu4PX1s76GSYLUKasyK6YZXZDBGlFZDbb0padi0Vasmmg+VvMhuKmRtIP</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/CommonName">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/EmailAddress">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/Group">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/UPN">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs.tad.hv.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.tad.hv.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -636,70 +49,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="E-Mail Address" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Given Name" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Name" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="UPN" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Common Name" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="AD FS 1.x E-Mail Address" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Group" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="AD FS 1.x UPN" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Role" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Surname" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PPID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Name ID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication time stamp" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication method" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only group SID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only primary SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only primary group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Primary group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Primary SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Windows account name" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Is Registered User" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Identifier" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Registration Identifier" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Registration DisplayName" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device OS type" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device OS Version" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Is Managed Device" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Forwarded Client IP" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client Application" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client User Agent" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client IP" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Endpoint Path" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Proxy" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Application Identifier" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Application policies" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authority Key Identifier" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Basic Constraint" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Enhanced Key Usage" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Issuer" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Issuer Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Key Usage" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Not After" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Not Before" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Certificate Policies" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Public Key" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Certificate Raw Data" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Alternative Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Serial Number" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Signature Algorithm" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Key Identifier" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="V2 Template Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="V1 Template Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Thumbprint" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="X.509 Version" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Inside Corporate Network" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Password Expiration Time" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Password Expiration Days" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Update Password URL" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication Methods References" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client Request ID" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Alternate Login ID" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
</IDPSSODescriptor>
<ContactPerson contactType="technical">
<GivenName>Pär</GivenName>
diff --git a/swamid-2.0/adfs.test.umu.se-adfs-services-trust.xml b/swamid-2.0/adfs.test.umu.se-adfs-services-trust.xml
new file mode 100644
index 00000000..c30de0d2
--- /dev/null
+++ b/swamid-2.0/adfs.test.umu.se-adfs-services-trust.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://adfs.test.umu.se/adfs/services/trust">
+ <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Umeå universitet</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Umeå University</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Umeå universitet</mdui:Description>
+ <mdui:Description xml:lang="en">Umeå University</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://www.umu.se</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://www.umu.se/english</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">
+ https://www.aurora.umu.se/regler-och-riktlinjer/juridik/personuppgifter/
+ </mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">
+ https://www.aurora.umu.se/regler-och-riktlinjer/juridik/personuppgifter/
+ </mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>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</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>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</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.test.umu.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.test.umu.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.test.umu.se/adfs/ls/" index="0" isDefault="true"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://adfs.test.umu.se/adfs/ls/" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.test.umu.se/adfs/ls/" index="2"/>
+ </SPSSODescriptor>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">
+ <shibmd:Scope xmlns="" regexp="false">umu.se</shibmd:Scope>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Umeå universitet (TEST)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Umeå University (TEST)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">
+ Identitsutgivare för anställda och studenter vid Umeå universitet (TEST).
+ </mdui:Description>
+ <mdui:Description xml:lang="en">
+ Identity Provider for employees and students at Umeå University (TEST).
+ </mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://www.umu.se</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://www.umu.se/english</mdui:InformationURL>
+ <mdui:Logo xml:lang="sv" height="63" width="358">https://www.umu.se/static/images/umu_logo.jpg</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="63" width="350">https://www.umu.se/static/images/umu_logo_eng.jpg</mdui:Logo>
+ <mdui:Keywords xml:lang="sv">
+ umu umeå+universitet umea+universitet umea+university umeå+university umeå umea
+ </mdui:Keywords>
+ <mdui:Keywords xml:lang="en">
+ umu umeå+universitet umea+universitet umea+university umeå+university umeå umea
+ </mdui:Keywords>
+ </mdui:UIInfo>
+ <mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DomainHint>umu.se</mdui:DomainHint>
+ <mdui:IPHint>130.239.0.0/16</mdui:IPHint>
+ <mdui:GeolocationHint>geo:63.820554,20.305799</mdui:GeolocationHint>
+ </mdui:DiscoHints>
+ </Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>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</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>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</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://adfs.test.umu.se/adfs/services/trust/artifactresolution" index="0"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.test.umu.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.test.umu.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.test.umu.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.test.umu.se/adfs/ls/"/>
+ </IDPSSODescriptor>
+ <ContactPerson contactType="support">
+ <EmailAddress/>
+ <TelephoneNumber/>
+ </ContactPerson>
+</EntityDescriptor>
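Review bot: The IDPSSODescriptor of this entity, which labels itself "(TEST)" in its display names, declares `<shibmd:Scope xmlns="" regexp="false">umu.se</shibmd:Scope>`, so relying parties that check scoped attributes against metadata will accept `@umu.se` values asserted by the test ADFS. That puts it on the same footing as the university's production IdP, assuming production uses the same scope, which this hunk does not show. If the test instance is backed by test accounts or looser controls, give it its own scope, for example `<shibmd:Scope regexp="false">SCOPE-FOR-TEST-IDP</shibmd:Scope>` (placeholder value), or keep the entity out of the production aggregate. Separately, the `ContactPerson` at the end of the file has an empty `<EmailAddress/>` and `<TelephoneNumber/>`, and there is no technical or security contact, so federation operators have nobody to reach if this IdP is involved in an incident. Fill in a working `mailto:` address before the entity is published.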
diff --git a/swamid-2.0/adfs.umu.se-adfs-services-trust.xml b/swamid-2.0/adfs.umu.se-adfs-services-trust.xml
index 767716b9..cadd2208 100644
--- a/swamid-2.0/adfs.umu.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.umu.se-adfs-services-trust.xml
@@ -8,615 +8,6 @@
</saml:Attribute>
</attr:EntityAttributes>
</Extensions>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Umeå Universitet">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIFNTCCBB2gAwIBAgIQCzf9ZHgJcF7mpwWknUXpMDANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzA0MjEwMDAwMDBaFw0yMDA0MjkxMjAwMDBaMHAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQIDAVVbWXDpTEOMAwGA1UEBwwFVW1lw6UxGjAYBgNVBAoMEVVtZcOlIFVuaXZlcnNpdGV0MSUwIwYDVQQDExx0b2tlbi1kZWNyeXB0aW5nLmFkZnMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHj2v6UyLyh+BEkvunK7hOd/UTXTZisraY8aZF6QJVofJ5lEalf79JIjt/g54gHTyrPKQ6j9UzgAkirHZg1KAAPphNOwS/dQPmmm6JBQeWck/Z2S+3eib20BmCw1KPGDNah4DIR9RSl+PQsmlLv8b6S07S63umPAsDW+itLtBn9qHhSkAAH8Ial6NXllZrYiXwSfMjeZ31u9zJlvJAxGOfhgx3g/lZNmK9XfbWHmvqa0IV3GlHRx9GWEZoBv2G8YfZgPGhfFDnby1RRRfCvpAwfXnJielULLGuHrekLXPLBMo08MZazdCe1OYK1Fc4whGCgVWijNua0t5gADFZv22wIDAQABo4IB1TCCAdEwHwYDVR0jBBgwFoAUZ/2IIBQnmMcJ0iUZu+lREWN1UGIwHQYDVR0OBBYEFEmS0NRPSeqHKeED/5IKQaCL+LFzMCcGA1UdEQQgMB6CHHRva2VuLWRlY3J5cHRpbmcuYWRmcy51bXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBACRze/2X3y8TbHKlz43oFYibuHF+GPcIOAWaDqfWLEBDjbmsGfNYGfpSgoLV3Nk2Jd49t2Ql35lnh74QBi6knYL3/Xt6YP+DG3tJ9Q1/fYo/TrYmE4dBIpdpWhrXa7eLmligAbSErW8mal4BA1A97Pivi/RGn6P5a9P23NH1qV7KaXbINtWf5LZqicz6VBNe0UA9axYBP0iafWH1HiBr3qIwUOBY0GyquuLq40Ick/6BgGi2dV53ZjPJL/IXaU9BOSLQF1n3kI2UeE4+6rEpSiN23T7eBRz4/Cue/SIENZKYh1ZPXsSRgb68gcCjlsR9Oju1GAgwVaButtEzfXFlhhc=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://umu.se/schemas/claims/telephonenumber" Optional="true">
- <auth:DisplayName>Telephone Number</auth:DisplayName>
- <auth:Description>Telefonnummer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://umu.se/schemas/claims/DistinguishedName" Optional="true">
- <auth:DisplayName>DistinguishedName</auth:DisplayName>
- <auth:Description>DistinguishedName ldap attributed. Definierad av Erik Jonsson primärt för att avgöra om en person är dold</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://umu.se/schemas/claims/thumbnailphoto" Optional="true">
- <auth:DisplayName>thumbnailPhoto</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://adfs.umu.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Umeå Universitet">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIFLzCCBBegAwIBAgIQAfTYranwbnd8TM7tB8paNTANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzA0MjEwMDAwMDBaFw0yMDA0MjkxMjAwMDBaMG0xCzAJBgNVBAYTAlNFMQ4wDAYDVQQIDAVVbWXDpTEOMAwGA1UEBwwFVW1lw6UxGjAYBgNVBAoMEVVtZcOlIFVuaXZlcnNpdGV0MSIwIAYDVQQDExl0b2tlbi1zaWduaW5nLmFkZnMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGw6PELjzKfWRNIdhOJ9YDC+JMCv2d64FjzALVTpUVmb3bjgC/Gyzmn/mjZx5tgZayIq+F/f7zs6Hhe4StbAshScwosH0O82iEoHYAKck9QL2bmjQeQ4sbv5TcUIAZv4/VRVQFGUCcOVEJGpGebUGk0WJac9p2swOEE3djURIMuAuDNsnX/gn00DBUbCOjLVU7S977EbZbx7BpNXQveheaxoFFVOo/TjPJJKsxaW7aUGrSq12SJh4EvnIdxel5nzsHUMVstyvsGfM9a2HTE5/BH66nQdP2xhEFg7QuJzPqAqHqs+C37JlxRLwFk4LWFk4OxvEWQmROJgezC27Qx+lwIDAQABo4IB0jCCAc4wHwYDVR0jBBgwFoAUZ/2IIBQnmMcJ0iUZu+lREWN1UGIwHQYDVR0OBBYEFI/AJm2doFUDKNT2wl6IKlW9lu32MCQGA1UdEQQdMBuCGXRva2VuLXNpZ25pbmcuYWRmcy51bXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAKVVQLj7DotlFWf0v4hajVuDwxKCT65CB41MJeIdsHDtmHheRXJ/mLV7XNaLRnNDsk+a+pXbwINHzBiZvjBR1YhvzuwX3IPbajv3YMxG8/KlHmNFtfMmj9l1fsXXKCpO2YFy0dOq39qnUbcJZbDDOLriSxH3Zf7lt3BL3W80ZHQdgkBpu4NA+N/Y5Md2BkG9epHByro7RgElamqdV4HtmTtci92tBK6D9ppm6xku9GAUKikZdXDurGB+ueB/Zm+J8tWRSEQeNe498HkFmLM1AzU6tQJQhcLJYcp0x+FwW8wh2sCRWC2e7r2TN/WtFfQAQEo2k9CLM3jk+UGy5thdAGg=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://umu.se/schemas/claims/telephonenumber" Optional="true">
- <auth:DisplayName>Telephone Number</auth:DisplayName>
- <auth:Description>Telefonnummer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://umu.se/schemas/claims/DistinguishedName" Optional="true">
- <auth:DisplayName>DistinguishedName</auth:DisplayName>
- <auth:Description>DistinguishedName ldap attributed. Definierad av Erik Jonsson primärt för att avgöra om en person är dold</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://umu.se/schemas/claims/thumbnailphoto" Optional="true">
- <auth:DisplayName>thumbnailPhoto</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs.umu.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs.umu.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">
<shibmd:Scope xmlns="" regexp="false">umu.se</shibmd:Scope>
@@ -660,73 +51,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.umu.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.umu.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://umu.se/schemas/claims/telephonenumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Telephone Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://umu.se/schemas/claims/DistinguishedName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="DistinguishedName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://umu.se/schemas/claims/thumbnailphoto" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="thumbnailPhoto"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Umeå universitet</OrganizationName>
diff --git a/swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml b/swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml
deleted file mode 100644
index cb1130e4..00000000
--- a/swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml
+++ /dev/null
@@ -1,108 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://adfs01.fhs.se/adfs/services/trust">
- <Extensions>
- <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
- <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
- </saml:Attribute>
- </attr:EntityAttributes>
- </Extensions>
- <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <Extensions>
- <shibmd:Scope regexp="false">fhs.se</shibmd:Scope>
- <shibmd:Scope regexp="false">student.fhs.se</shibmd:Scope>
- <shibmd:Scope regexp="false">op.fhs.se</shibmd:Scope>
- <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Försvarshögskolan (gammal)</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">Swedish National Defence College (old)</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Identity Provider för Försvarshögskolan</mdui:Description>
- <mdui:Description xml:lang="en">Identity Provider for Swedish National Defence College</mdui:Description>
- <mdui:InformationURL xml:lang="sv">http://www.fhs.se</mdui:InformationURL>
- <mdui:InformationURL xml:lang="en">http://www.fhs.se/en/</mdui:InformationURL>
- <mdui:Logo xml:lang="sv" height="118" width="106">https://www.fhs.se/files/sidhuvud/logotyp-sv.jpg</mdui:Logo>
- <mdui:Logo xml:lang="en" height="116" width="103">https://www.fhs.se/files/sidhuvud/logotyp-en.jpg</mdui:Logo>
- <mdui:Keywords xml:lang="sv">fhs</mdui:Keywords>
- <mdui:Keywords xml:lang="en">fhs</mdui:Keywords>
- </mdui:UIInfo>
- <mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DomainHint>fhs.se</mdui:DomainHint>
- </mdui:DiscoHints>
- </Extensions>
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://adfs01.fhs.se/adfs/services/trust/artifactresolution" index="0"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs01.fhs.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs01.fhs.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://adfs01.fhs.se/adfs/ls/"/>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs01.fhs.se/adfs/ls/"/>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs01.fhs.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
- </IDPSSODescriptor>
- <Organization>
- <OrganizationName xml:lang="sv">Försvarshögskolan (gammal)</OrganizationName>
- <OrganizationDisplayName xml:lang="sv">Försvarshögskolan (gammal)</OrganizationDisplayName>
- <OrganizationDisplayName xml:lang="en">Swedish National Defence College (old)</OrganizationDisplayName>
- <OrganizationURL xml:lang="sv">http://www.fhs.se/</OrganizationURL>
- </Organization>
- <ContactPerson contactType="administrative">
- <Company>Swedish Defence University</Company>
- <SurName>FHS IT Helpdesk</SurName>
- <EmailAddress>mailto:helpdesk@fhs.se</EmailAddress>
- <TelephoneNumber>+46 8 55342545</TelephoneNumber>
- </ContactPerson>
- <ContactPerson contactType="technical">
- <Company>Swedish Defence University</Company>
- <SurName>FHS IT Helpdesk</SurName>
- <EmailAddress>mailto:helpdesk@fhs.se</EmailAddress>
- <TelephoneNumber>+46 8 55342545</TelephoneNumber>
- </ContactPerson>
- <ContactPerson contactType="support">
- <Company>Swedish Defence University</Company>
- <SurName>FHS IT Helpdesk</SurName>
- <EmailAddress>mailto:helpdesk@fhs.se</EmailAddress>
- <TelephoneNumber>+46 08 55342545</TelephoneNumber>
- </ContactPerson>
-</EntityDescriptor>
diff --git a/swamid-2.0/adfs2.gu.se-adfs-services-trust.xml b/swamid-2.0/adfs2.gu.se-adfs-services-trust.xml
index 5ee0236e..e58ea3a7 100644
--- a/swamid-2.0/adfs2.gu.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs2.gu.se-adfs-services-trust.xml
@@ -7,585 +7,6 @@
</saml:Attribute>
</mdattr:EntityAttributes>
</Extensions>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="University of Gothenburg">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://adfs2.gu.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="University of Gothenburg">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC0jCCAbqgAwIBAgIQPMl2RnOtP6xBlIJBZ/C1yjANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDExpBREZTIFNpZ25pbmcgLSBBREZTMi5ndS5zZTAeFw0xNzEyMDcwOTUyMDdaFw0yMjEyMDgwOTUyMDdaMCUxIzAhBgNVBAMTGkFERlMgU2lnbmluZyAtIEFERlMyLmd1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaWV/pBJYm/6adoiGM3jFvLui4FQemawNYeXKm9CHKeWYKIQPVLyMCAptjXIvAbOBROPlK+6sJ2uhPamPEI99Xsd0PQ+CTutnEGbK38bK5+TgkHNGLeiBMXySCDRohDsFDEFX2Jiwajy7g/JxagH68GuSwKGQ2M7NCBpcfHWVC8nSiCdnzjBVdPwN0Fq3NY0BOqp0bFcr8GEhgJibWO3mfP9r2GUnGDovkpVPNfwaIpyAAl3s4Cy3DP+V7WHgpcaDWeIld9RnGm9x9XvAv6icP00WV8TanK0oZo1XHAxHSW1yc0mcI35FQRQ+GjIhJVYGDx4cNVD1gwA9kN1p+UP9QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCgWPSNaE0wg6dEF8xpcNZdSPjLWGMtk7N8U7OwvE2Hxfz9p/Pk97c2G3ei56kiF9Lu91N/yjQXw0I3/bDqkNFe6BODFHb1drQBaQwQ/xWh5bizpCWJkSYS672yQgu4xQReT8TEE+OG1r3stt3d01UPIEJGSj3i8qWWPwWZSxkIhRP6lOgOSLevJnqVRaeWsUmocHNdJxfFTHPEA9Bx6wplufdJGtL9cxUOif2xcYDGG+9vVgDeeApseFQ9a22RLnJkMcC/XmBYBSZrmk8r37uOipUvM/AuCTOHekQseaIEu+TiHw1bVnehSEGAZPGTFWa41TbzacRnaQrZiKthVeeO</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs2.gu.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://adfs2.gu.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -608,69 +29,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs2.gu.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs2.gu.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Göteborgs universitet</OrganizationName>
diff --git a/swamid-2.0/app.sh.se.xml b/swamid-2.0/app.sh.se.xml
new file mode 100644
index 00000000..7e245de1
--- /dev/null
+++ b/swamid-2.0/app.sh.se.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://app.sh.se">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Sodertorn University AL2 authentication service</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Södertörns Högskolas AL2 autentiseringsservice</mdui:DisplayName>
+ <mdui:Description xml:lang="en">To ensure student SWAMID/SUNET AL2-compliance</mdui:Description>
+ <mdui:Description xml:lang="sv">Säkerställande av students identitet enligt SWAMID/SUNET AL2-standard</mdui:Description>
+ <mdui:Logo xml:lang="en" height="116" width="350">https://app.sh.se/spinfo/logo_en.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="116" width="350">https://app.sh.se/spinfo/logo_sv.png</mdui:Logo>
+ <mdui:InformationURL xml:lang="en">https://app.sh.se/spinfo/index_en.html</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="sv">https://app.sh.se/spinfo/index_sv.html</mdui:InformationURL>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDajCCAlICCQDAdpOPJpYObTANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJT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+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService index="1" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://app.sh.se/auth/callback"/>
+ </SPSSODescriptor>
+</EntityDescriptor>
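Review bot: The `KeyDescriptor` of the new `https://app.sh.se` entity advertises only CBC-mode `EncryptionMethod` values, including `http://www.w3.org/2001/04/xmlenc#tripledes-cbc`. CBC-mode XML Encryption carries no integrity protection and is the mode covered by the published padding-oracle results, and an IdP that honours this list will choose one of these for assertions posted to `https://app.sh.se/auth/callback`. If the SP software can decrypt GCM (not visible from the metadata), I would list `<EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>` first and drop the `tripledes-cbc` line. The entity also closes without any `ContactPerson` or `Organization` element, so relying parties have no address for reporting a key or endpoint problem.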
diff --git a/swamid-2.0/aqtest.port.se-shibboleth.xml b/swamid-2.0/aqtest.port.se-shibboleth.xml
index 0347155a..6481d884 100644
--- a/swamid-2.0/aqtest.port.se-shibboleth.xml
+++ b/swamid-2.0/aqtest.port.se-shibboleth.xml
@@ -1,8 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
-This is example metadata only. Do *NOT* supply it as is without review,
-and do *NOT* provide it in real time to your partners.
- -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://aqtest.port.se/shibboleth">
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
@@ -24,13 +20,14 @@ and do *NOT* provide it in real time to your partners.
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
<md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://aqtest.port.se/Shibboleth.sso/Login"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://aqtest.port.se/Shibboleth.sso/Login" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://aqtest.port.se/Shibboleth.sso/Login-ltv"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://aqtest.port.se/Shibboleth.sso/Login-lu"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://aqtest.port.se/Shibboleth.sso/Login-ki"/>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="sv">Klara</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">Klara</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Kemikaliehanteringssystem för Uppsala universitet.</mdui:Description>
- <mdui:Description xml:lang="en">Chemical information system for Uppsala university.</mdui:Description>
+ <mdui:Description xml:lang="sv">Kemikaliehanteringssystem för tester</mdui:Description>
+ <mdui:Description xml:lang="en">Chemical information system for tests</mdui:Description>
<mdui:InformationURL xml:lang="en">https://www.example.se/info/about.html</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://www.example.se/info/integritet.html</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="en">https://www.example.se/info/privacy.html</mdui:PrivacyStatementURL>
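Review bot: The `mdui:InformationURL` and both `mdui:PrivacyStatementURL` values still point at `https://www.example.se/info/...`, which look like template placeholders, although this commit removes the "example metadata only" header comment from the same file. These are the links a discovery or consent page shows the user, so they should be replaced with the real pages for the Klara test service, e.g. `<mdui:PrivacyStatementURL xml:lang="en">https://REAL-HOST-PLACEHOLDER/privacy.html</mdui:PrivacyStatementURL>`, or removed until those pages exist. The hunk also drops the `idpdisc:DiscoveryResponse` endpoint; if any of the three `Login-*` initiators still sends users through a discovery service, that service may no longer be able to validate the return URL, so this is worth confirming. The `mdui:UIInfo` element continues past the end of the hunk.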
@@ -77,6 +74,10 @@ bfjFoe6/viT7p/XJQPt6Zgga/NNt7mvOy+4i9FZ32dZu30DJx323OTFY03eTPmb2
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aqtest.port.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aqtest.port.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aqtest.port.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aqtest.port.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aqtest.port.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aqtest.port.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aqtest.port.se/Shibboleth.sso/NIM/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aqtest.port.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aqtest.port.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://aqtest.port.se/Shibboleth.sso/SAML2/ECP" index="4"/>
diff --git a/swamid-2.0/auth.asiaportal.info.xml b/swamid-2.0/auth.asiaportal.info.xml
index 99b738c9..665fce8a 100644
--- a/swamid-2.0/auth.asiaportal.info.xml
+++ b/swamid-2.0/auth.asiaportal.info.xml
@@ -41,6 +41,11 @@
<md:RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Nordic Institute of Asian Studies</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">NIAS - Nordic Institute of Asian Studies</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.nias.ku.dk</md:OrganizationURL>
+ </md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>Administrator</md:GivenName>
<md:EmailAddress>mailto:bib@nias.ku.dk</md:EmailAddress>
diff --git a/swamid-2.0/dev-us.cloudmore.com-shibboleth.xml b/swamid-2.0/dev-us.cloudmore.com-shibboleth.xml
index b0da9209..f42f4e6d 100644
--- a/swamid-2.0/dev-us.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/dev-us.cloudmore.com-shibboleth.xml
@@ -30,7 +30,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://us.cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://dev-us.cloudmore.com/Shibboleth.sso/Login"/>
</md:Extensions>
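Review bot: The new `mdui:PrivacyStatementURL` is an `http://` link, while the line it replaces used `https://` on the same host, `web.cloudmore.com`; the identical change appears in the `dev.cloudmore.com-shibboleth.xml` hunk that follows. This link is shown to users by discovery and consent pages, and a plain-HTTP target can be altered or redirected in transit. Provided the page is served over TLS, I would use `<mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>` in both files. The path suggests data-processing terms rather than a privacy policy, so it is also worth confirming that this is the document intended for end users.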
diff --git a/swamid-2.0/dev.cloudmore.com-shibboleth.xml b/swamid-2.0/dev.cloudmore.com-shibboleth.xml
index 103fad4a..5a64e410 100644
--- a/swamid-2.0/dev.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/dev.cloudmore.com-shibboleth.xml
@@ -32,7 +32,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
diff --git a/swamid-2.0/flax.nettst.chalmers.se-adfs-services-trust.xml b/swamid-2.0/flax.nettst.chalmers.se-adfs-services-trust.xml
index 4cb077b4..c6c643f9 100644
--- a/swamid-2.0/flax.nettst.chalmers.se-adfs-services-trust.xml
+++ b/swamid-2.0/flax.nettst.chalmers.se-adfs-services-trust.xml
@@ -1,272 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://flax.nettst.chalmers.se/adfs/services/trust">
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="flax.nettst.chalmers.se">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://flax.nettst.chalmers.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="flax.nettst.chalmers.se">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://flax.nettst.chalmers.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://flax.nettst.chalmers.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://flax.nettst.chalmers.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://flax.nettst.chalmers.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://flax.nettst.chalmers.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://flax.nettst.chalmers.se/adfs/ls/" index="1"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://flax.nettst.chalmers.se/adfs/ls/" index="2"/>
- </SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">nettst.chalmers.se</shibmd:Scope>
@@ -293,27 +26,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://flax.nettst.chalmers.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://flax.nettst.chalmers.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="en">CHALMERSTest</OrganizationName>
diff --git a/swamid-2.0/graylog.nordu.net-shibboleth.xml b/swamid-2.0/graylog.nordu.net-shibboleth.xml
index 7f8a4d55..16f55032 100644
--- a/swamid-2.0/graylog.nordu.net-shibboleth.xml
+++ b/swamid-2.0/graylog.nordu.net-shibboleth.xml
@@ -81,6 +81,16 @@ pc0/wSWsXlCKKdvcilYf9uc4RGpsdIHYHlCIBveUNMaqK3Ce2niYAgSGVH3vejoq
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://graylog.nordu.net/Shibboleth.sso/SAML/POST" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://graylog.nordu.net/Shibboleth.sso/SAML/Artifact" index="5"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="support">
+ <md:GivenName>Sunet</md:GivenName>
+ <md:SurName>NOC</md:SurName>
+ <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Sunet</md:GivenName>
+ <md:SurName>NOC</md:SurName>
+ <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
+ </md:ContactPerson>
<md:ContactPerson contactType="administrative">
<md:GivenName>Fredrik</md:GivenName>
<md:SurName>Pettai</md:SurName>
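Review bot: None of the ContactPerson elements visible in this hunk is a security contact: the added `support` and `technical` entries both point at the same NOC mailbox, so someone reporting a suspected compromise of this SP has no address designated for incident response. If the federation follows the REFEDS convention, a further entry opening with `<md:ContactPerson contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">` (with `xmlns:remd="http://refeds.org/metadata"` declared) would cover that; the mailbox has to come from the operator. The contact list continues below the hunk, so such an entry may already exist further down.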
diff --git a/swamid-2.0/hhs-se.zoom.us.xml b/swamid-2.0/hhs-se.zoom.us.xml
index 557e7536..6736d316 100644
--- a/swamid-2.0/hhs-se.zoom.us.xml
+++ b/swamid-2.0/hhs-se.zoom.us.xml
@@ -21,29 +21,42 @@
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
- <ds:X509Certificate>MIIFFzCCA/+gAwIBAgIHBFgs/vQRuzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCVVMxEDAO
-BgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29t
-LCBJbmMuMS0wKwYDVQQLEyRodHRwOi8vY2VydHMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8xMzAx
-BgNVBAMTKkdvIERhZGR5IFNlY3VyZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNDA0
-MTEwMDQ4MDVaFw0xODA4MDMyMzM2NDJaMDcxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlk
-YXRlZDESMBAGA1UEAwwJKi56b29tLnVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-okFee4Mpg9uh8LOOYygGRyhxXwsfvnh7FvtJT67CRryvMEHftbeD4b9xa7CSxrU5XfP6ICLxFplv
-+4sntZy4o3h6ryBrV9BvMAkG1DavujorcSEbk+O0Rk9GpQFGOXvTZQN71mzv66ITuQn83t9+1vx9
-JTqapWmi/LtC1nTvkqNCjdfbTkIqoLjcUN+awRT+4WnDYp2h8oAMUGePwRMqebFQl7uTF3Ok0xyh
-akmB0QU7EgM3jw7drHTW3A0MX3Ei9u23dhrmBGUDTs9oO6Zpu7LMkmCyFW5XCKokKeqbtXQulOCT
-gRrd8i3paIwFBqISFiygYOKmVolL1zaUCm+LfQIDAQABo4IBqDCCAaQwDwYDVR0TAQH/BAUwAwEB
-ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDYGA1UdHwQv
-MC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMS00MC5jcmwwUwYDVR0gBEww
-SjBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFk
-ZHkuY29tL3JlcG9zaXRvcnkvMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29j
-c3AuZ29kYWRkeS5jb20vMEAGCCsGAQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku
-Y29tL3JlcG9zaXRvcnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0LIDO
-MB0GA1UdEQQWMBSCCSouem9vbS51c4IHem9vbS51czAdBgNVHQ4EFgQU7Iq18k6UpRo2UcsGL/qS
-UFoZ64kwDQYJKoZIhvcNAQELBQADggEBAKBUJLQlb6o9kCVuFhGNj/7och4wo7K207guo9PuhDls
-ipAo4NHubWMrmTRwSELUtQpP1T21uymzPKC2riko1+tOwNJjJ6hB7UMa8hwgC3dCq+TeTsMxNBgP
-xLYUwl+W8g0iss0TTolx4DHrF4iSH2HcunwxDXtqkCtlIRiLhkU/q2DXPwyatLD9f4nypEowXARJ
-F9AI1u80XBk4qks6VFI+F101ov7c11YqtKvzICNJSF/uTaoKU16ZMeV7Awt0stHY1ILdI40ht+YZ
-kMpIITAqh9XwkMMbjOapCeNu6wfL/ywLEOskEvvxnEgP00VVk8S32kBKmNQGLPufut3obbI=</ds:X509Certificate>
+ <ds:X509Certificate>MIIGpDCCBYygAwIBAgIJAOZtkBRrr07MMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa
+MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0
+cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj
+dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE4MDYxMjE4MDIyMVoX
+DTIwMDYxMjE4MDIyMVowNzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRh
+dGVkMRIwEAYDVQQDDAkqLnpvb20udXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDJstTPQTaYgnrfKFDpATrqb8kTp2tL3SIUwfmyI8AVM2aylL/q/ral
+XtLeN0vqZyc+QfX694gk/a+lpcwXBO7OrmzbPuigGk7Y0+eILX10JAwaZf41w9Wd
+j52WkKJtaPDtS41pT8sGidQL8CGKCjs2BtAImMGIxBP4/U/BbTWaX7Yp/wnwqzHi
+i6UiWJzwC5v7Tglc7YkLqS/0uhCnEJlJeTghpT6ST1ZWmvlFvtRSGZLkneeER3Ex
+QhQj7oefAgi98lDgPqcQ+Cw6GR3u9o+5KSj6t8WxmEimlAM230+9jv+lW6xr2k3B
+vFuHSgu9VjxG4h/d7UP8+KW3iVRhbaaXAgMBAAGjggMzMIIDLzAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMC
+BaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGln
+MnMxLTgzNy5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUF
+BwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv
+MAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
+Y3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRl
+cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRA
+wr0njsw0gzCiM9f7bLPwtCyAzjAdBgNVHREEFjAUggkqLnpvb20udXOCB3pvb20u
+dXMwHQYDVR0OBBYEFG86ecvhrBVMcsS4mWYkSlO7jRdUMIIBfwYKKwYBBAHWeQIE
+AgSCAW8EggFrAWkAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAA
+AWP1KmVBAAAEAwBIMEYCIQDFkKMYerM9O8u25bsrdf085HoTpqv4gCVj6KnuI977
+3gIhAISFLgZRYmDjwgHHnm+IYl7Flp7XcU8qmdRp0lesnVwCAHYA7ku9t3XOYLrh
+Qmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFj9SpqyQAABAMARzBFAiA0V+bR/z03
+OIJxTVGlG3MDVblzcxNuJONzkgp7WgusTgIhAJMKOXo1SLjOpmqnIjMqFRYELkfh
+zgzFe3xa4xUxthGzAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgA
+AAFj9SprlQAABAMARzBFAiEAzePsyzO9cNmhlohiOjXZ6tSu8nKFVDMd5fiKv2g7
+6tACIDIczvM/uV4uz2pOkY1N3CVQSEbrJC6/bLmJgJ3OI/jOMA0GCSqGSIb3DQEB
+CwUAA4IBAQB3//DfcyK0b6D5eijWI414ttLUWJrDOhYPBdtNUzVlWV9jNarCjoAg
+PgNJxkEmgJb4HWQzAeYruJOXGEbZp5LTdWCjrdj18xDh7EtnPIEeY2H6obW4xXe5
+K3jJKtkbHqa5j2Fc+W/dXVqo28kQKbMm+FF9Vj6cQ1B/xPdijb7M2rHL808qVYPp
+J9y1vahFh07yyTOR61CRThhqYv63JHppUWgtolDLdVez4s3cjAiKuE5Ij+NJirNN
+lEdeTAWOcOfqdylDPB2QZutYG+SN4J/C97wjbHlMM+xMPL3UOPOalx8MsPB6WHlg
+xBe5fMnWUgOwr0Mvl+VgxjXb/PHfLMeY</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
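Review bot: The certificate under `<md:KeyDescriptor use="encryption">` is replaced in one step with no record of how the new key was authenticated; nothing in the hunk shows that its fingerprint was confirmed with the SP operator rather than copied from a fetched metadata document. Identity providers encrypt assertions to whatever key this file publishes, so a wrong or substituted certificate either breaks logins or gives decryption to a different key holder. I would add a comment above the element such as `<!-- encryption cert replaced <DATE>; SHA-256 fingerprint <FINGERPRINT> confirmed with SP operator via <CHANNEL> -->`. The encoded subject looks like a CA-issued wildcard web certificate, which would tie this SAML key to the TLS renewal cycle and to every host holding that private key; a dedicated long-lived certificate for SAML would avoid repeating this rollover.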
diff --git a/swamid-2.0/hkrplay.hkr.se.xml b/swamid-2.0/hkrplay.hkr.se.xml
new file mode 100644
index 00000000..23384ee6
--- /dev/null
+++ b/swamid-2.0/hkrplay.hkr.se.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://hkrplay.hkr.se">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Kristianstad University Play service</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Högskolan Kristianstad Playtjänst</mdui:DisplayName>
+ <mdui:Description xml:lang="en">This service is for presentation of videos from Kristianstad University.</mdui:Description>
+ <mdui:Description xml:lang="sv">Denna tjänst används för presentationer av video från Högskolan Kristianstad.</mdui:Description>
+ <mdui:Logo height="94" width="83">https://hkr.se/gui/i/logotype.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="94" width="83">https:hkr.se/gui/i/logotype.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="94" width="83">https://hkr.se/gui/i/logotype.png</mdui:Logo>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://hkrplay.hkr.se/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://hkrplay.hkr.se/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">HKRplay</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">HKRplay</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://hkrplay.hkr.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>mailto:saml@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
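Review bot: The Swedish logo entry carries a malformed URL, `https:hkr.se/gui/i/logotype.png`, missing the `//` after the scheme, so a discovery service that renders mdui logos will either reject it or resolve it as a relative reference against its own origin. The line should read `<mdui:Logo xml:lang="sv" height="94" width="83">https://hkr.se/gui/i/logotype.png</mdui:Logo>`, matching the two entries beside it. Separately, the new entity asserts the `research-and-scholarship` entity category, which identity providers supporting that category use to release a bundle of personal attributes without per-service review. For a video presentation service it is worth confirming that the registrar has vetted this claim before the file is published.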
diff --git a/swamid-2.0/id.statenssc.se-adfs-services-trust.xml b/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
index 64bd601e..946de59c 100644
--- a/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
+++ b/swamid-2.0/id.statenssc.se-adfs-services-trust.xml
@@ -31,653 +31,6 @@
</KeyInfo>
</ds:Signature>
-->
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Annan myndighet">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/organisationsnummer" Optional="true">
- <auth:DisplayName>Organisationsnummer</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/personnummer" Optional="true">
- <auth:DisplayName>Personnummer</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>Efternamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>Förnamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.3" Optional="true">
- <auth:DisplayName>Organisationsnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>Personnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:0.9.2342.19200300.100.1.3" Optional="true">
- <auth:DisplayName>E-post OID</auth:DisplayName>
- <auth:Description>Unik e-postadress med myndighetens officiella domän som suffix.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/myndighet" Optional="true">
- <auth:DisplayName>Myndighet</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://id.statenssc.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Annan myndighet">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" Optional="true">
- <auth:DisplayName>eduPersonPrincipalName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/organisationsnummer" Optional="true">
- <auth:DisplayName>Organisationsnummer</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/personnummer" Optional="true">
- <auth:DisplayName>Personnummer</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>Efternamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>Förnamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.3" Optional="true">
- <auth:DisplayName>Organisationsnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>Personnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/hermes" Optional="true">
- <auth:DisplayName>Hermes kod</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:0.9.2342.19200300.100.1.3" Optional="true">
- <auth:DisplayName>E-post OID</auth:DisplayName>
- <auth:Description>Unik e-postadress med myndighetens officiella domän som suffix.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/myndighet" Optional="true">
- <auth:DisplayName>Myndighet</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/useridnoprefix" Optional="true">
- <auth:DisplayName>UserId No Prefix</auth:DisplayName>
- <auth:Description>Internt använt UserID utan Hermes prefix</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://id.statenssc.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://id.statenssc.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
diff --git a/swamid-2.0/idp-fre-1.eduid.se-idp.xml b/swamid-2.0/idp-fre-1.eduid.se-idp.xml
deleted file mode 100644
index c0d390a5..00000000
--- a/swamid-2.0/idp-fre-1.eduid.se-idp.xml
+++ /dev/null
@@ -1,75 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:mace:shibboleth:metadata:1.0" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp-fre-1.eduid.se/idp.xml">
- <ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <ns0:Extensions>
- <ns1:Scope regexp="false">eduid.se</ns1:Scope>
- </ns0:Extensions>
- <ns0:KeyDescriptor use="encryption">
- <ns2:KeyInfo>
- <ns2:X509Data>
- <ns2:X509Certificate>MIICtjCCAZ4CCQCcz/piVprfwDANBgkqhkiG9w0BAQUFADAdMRswGQYDVQQDExJp
-ZHAtZnJlLTEuZWR1aWQuc2UwHhcNMTMwNDA0MTM0NDQ0WhcNMjMwNDAyMTM0NDQ0
-WjAdMRswGQYDVQQDExJpZHAtZnJlLTEuZWR1aWQuc2UwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDZYoiNY7wsKOg0HuPEIOmFt4sNOPANo1WXOEAi4gdr
-Ov5RyA+j4c5qtxgX30eT1mSS+xxd1UYy78jIR42QnvmwZRAw3XGzCT4u+41u+4KP
-ZuzsNmueFruQ/FUj5YvYJdo9LKDXnhqj7GrOYwVKRx3TtV+76IXbY+OQF5mNXNdn
-qFepNt6ukBGqdWjEi6fslbjVwCkRwN9gFm/f0xshITr79MEsmEbm97n8+TxNWx9o
-Vx2cIGHVKur+iBR0ntY71jXCGb/0drVlogMluXUssMV9fZSP0W1HnlI2vNQrVA6p
-0hzRsi+kGGAXn0/u1rhfJ7G6/Tz43OqhVqH5BeKs+0v/AgMBAAEwDQYJKoZIhvcN
-AQEFBQADggEBANfLG7xG2d2bc8ib/XCMly48KEPYqNXIeDIHPR8MpEZrdCph4TUz
-Y96pEbhM3Onn7iZTAqk7QUfVzj3qH35H8FG6XJuUlpeo11c94dsS6+euamdf+9qZ
-ZP0uQyvYepSdQWCeBljDUxp/u6h9NdKpcwK9AvfBVCTNR0gdFNfADi1QtdAtW3Wx
-N4TxcEV9YT6QopkdXKR+Vx+Bp8iM3ij+epA5M87hrrHUFd9s324x2ktl1cx0znS/
-6VT121qX752B4lzzych/glgqUaSZe6/iFq2LYxK5qPZAViEy6by4lYghzdKPjAvu
-97NSksdDvmueTb8t8S2G2CqPc3Wus+M6yQw=
-</ns2:X509Certificate>
- </ns2:X509Data>
- </ns2:KeyInfo>
- </ns0:KeyDescriptor>
- <ns0:KeyDescriptor use="signing">
- <ns2:KeyInfo>
- <ns2:X509Data>
- <ns2:X509Certificate>MIICtjCCAZ4CCQCcz/piVprfwDANBgkqhkiG9w0BAQUFADAdMRswGQYDVQQDExJp
-ZHAtZnJlLTEuZWR1aWQuc2UwHhcNMTMwNDA0MTM0NDQ0WhcNMjMwNDAyMTM0NDQ0
-WjAdMRswGQYDVQQDExJpZHAtZnJlLTEuZWR1aWQuc2UwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDZYoiNY7wsKOg0HuPEIOmFt4sNOPANo1WXOEAi4gdr
-Ov5RyA+j4c5qtxgX30eT1mSS+xxd1UYy78jIR42QnvmwZRAw3XGzCT4u+41u+4KP
-ZuzsNmueFruQ/FUj5YvYJdo9LKDXnhqj7GrOYwVKRx3TtV+76IXbY+OQF5mNXNdn
-qFepNt6ukBGqdWjEi6fslbjVwCkRwN9gFm/f0xshITr79MEsmEbm97n8+TxNWx9o
-Vx2cIGHVKur+iBR0ntY71jXCGb/0drVlogMluXUssMV9fZSP0W1HnlI2vNQrVA6p
-0hzRsi+kGGAXn0/u1rhfJ7G6/Tz43OqhVqH5BeKs+0v/AgMBAAEwDQYJKoZIhvcN
-AQEFBQADggEBANfLG7xG2d2bc8ib/XCMly48KEPYqNXIeDIHPR8MpEZrdCph4TUz
-Y96pEbhM3Onn7iZTAqk7QUfVzj3qH35H8FG6XJuUlpeo11c94dsS6+euamdf+9qZ
-ZP0uQyvYepSdQWCeBljDUxp/u6h9NdKpcwK9AvfBVCTNR0gdFNfADi1QtdAtW3Wx
-N4TxcEV9YT6QopkdXKR+Vx+Bp8iM3ij+epA5M87hrrHUFd9s324x2ktl1cx0znS/
-6VT121qX752B4lzzych/glgqUaSZe6/iFq2LYxK5qPZAViEy6by4lYghzdKPjAvu
-97NSksdDvmueTb8t8S2G2CqPc3Wus+M6yQw=
-</ns2:X509Certificate>
- </ns2:X509Data>
- </ns2:KeyInfo>
- </ns0:KeyDescriptor>
- <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-fre-1.eduid.se/slo/soap"/>
- <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-fre-1.eduid.se/slo/post"/>
- <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-fre-1.eduid.se/slo/redirect"/>
- <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat>
- <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</ns0:NameIDFormat>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-fre-1.eduid.se/sso/redirect"/>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-fre-1.eduid.se/sso/post"/>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idp-fre-1.eduid.se/sso/art"/>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-fre-1.eduid.se/sso/ecp"/>
- </ns0:IDPSSODescriptor>
- <ns0:Organization>
- <ns0:OrganizationName xml:lang="en">eduID TEST</ns0:OrganizationName>
- <ns0:OrganizationDisplayName xml:lang="en">eduID TEST</ns0:OrganizationDisplayName>
- <ns0:OrganizationURL xml:lang="en">http://www.eduid.se/</ns0:OrganizationURL>
- </ns0:Organization>
- <ns0:ContactPerson contactType="technical">
- <ns0:GivenName>eduID</ns0:GivenName>
- <ns0:SurName>developers</ns0:SurName>
- <ns0:EmailAddress>eduid-dev@SEGATE.SUNET.SE</ns0:EmailAddress>
- </ns0:ContactPerson>
- <ns0:ContactPerson contactType="support">
- <ns0:GivenName>Support</ns0:GivenName>
- <ns0:EmailAddress>support@eduid.se</ns0:EmailAddress>
- </ns0:ContactPerson>
-</ns0:EntityDescriptor>
diff --git a/swamid-2.0/idp-test.it.su.se.xml b/swamid-2.0/idp-test.it.su.se.xml
new file mode 100644
index 00000000..68a376c0
--- /dev/null
+++ b/swamid-2.0/idp-test.it.su.se.xml
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp-test.it.su.se/idp/shibboleth">
+ <Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
+ <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
+ <saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">su.se</shibmd:Scope>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="sv">Stockholms universitet (test)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Stockholm University (test)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Identity Provider för medarbetare och studenter vid Stockholms universitet.</mdui:Description>
+ <mdui:Description xml:lang="en">The Stockholm university Identity Provider is used by employees and students at the university.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://www.su.se</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://www.su.se/english/</mdui:InformationURL>
+ <mdui:Logo xml:lang="sv" height="110" width="127">https://idp-test.it.su.se/idp/img/su-logo-sv_OLD.gif</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="110" width="127">https://idp-test.it.su.se/idp/img/su-logo-en_OLD.gif</mdui:Logo>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://www.su.se/medarbetare/it/it-tj%C3%A4nster/universitetskonto/policy-f%C3%B6r-hantering-av-personuppgifter-inom-ramen-f%C3%B6r-identitetsutgivaren-identity-provider-idp-1.383506</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://www.su.se/english/staff/it/it-services/policy-for-the-management-of-personal-information-within-the-scope-of-the-identity-provider-idp-1.384218</mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ <mdui:DiscoHints>
+ <mdui:DomainHint>su.se</mdui:DomainHint>
+ <mdui:GeolocationHint>geo:59.3625,18.0586</mdui:GeolocationHint>
+ </mdui:DiscoHints>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIC+jCCAeKgAwIBAgIJAKvigKUJvExYMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWlkcC10ZXN0Lml0LnN1LnNlMB4XDTEwMTEwOTA4NTAxNVoXDTIwMTEwNjA4
+NTAxNVowHDEaMBgGA1UEAxMRaWRwLXRlc3QuaXQuc3Uuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDiy33V1Re/N5Wih2L/TFGyAvHhzmOvT2BS3z6s
+Gtum+WYGbVaGrJK6fD+HG89KoMtbbo8uAW0HJfhnOdbbUL2OEUo8quKbJSq5A/+0
+d7zCxteeZOBZ9yQF/cTNtgwVdreYitKD8E0LsTUBnpmomGS4icR3b3KyDVdgexof
+85boL4QYGtDvvBLAR67YHnzFl6sMYY46/ptThge8FrRYE4IzMT7JiOzakrCje8tI
+dDHjLFgIjR4e/oOD/qe/VQBBx+BXYOGK80iq5Q1I/MCIcYPNgu4QRaBM6sgCEbzZ
+BAKvKUwOUG6ISQMClGjpzgGd22OClxXcjakMFuWHEDCh13IdAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEWlkcC10ZXN0Lml0LnN1LnNlMB0GA1UdDgQWBBTENxJoYSkc0MtD
+9crsO+Sb8o1vmTANBgkqhkiG9w0BAQUFAAOCAQEATQcvg19g3IBDwwTVfMFTVfFc
+ltpedRKvdiS2XNq2jy+/97n2M2Xc4vpUqKJayxwpkN180VCV873zbI81MRCApeJH
+wFYke5r9OSwriiTPgijAAOm6K8++PfNfYOOoo/G/7akcL4dmeu8vKzwE67GAPm+N
++uRvOFivpJ137xlATclXtP4riW0fqagqQDKwJVULLfyeve8+mDlpYg2/dz5hqb6V
+UebM+vdVeYb0JLMqQevfKMQVbhC3sLuZEGHLh0VE/ZSY5GQGDAshuw0e7Xfrxcd6
+0P3iPg1br/W070Wfs66Q90o0xXbVvA/HJyxelHanrZszCvDN6RzhhDYA3jlqzw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-test.it.su.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-test.it.su.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp-test.it.su.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.it.su.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.it.su.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">su.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-test.it.su.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-test.it.su.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">Stockholms universitet (test)</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">Stockholm University (test)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <Company>Stockholm University</Company>
+ <SurName>Helpdesk</SurName>
+ <EmailAddress>mailto:helpdesk@su.se</EmailAddress>
+ <TelephoneNumber>+46 8 16 1999</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm University</Company>
+ <SurName>Helpdesk</SurName>
+ <EmailAddress>mailto:helpdesk@su.se</EmailAddress>
+ <TelephoneNumber>+46 8 16 1999</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <Company>Stockholm University</Company>
+ <SurName>Helpdesk</SurName>
+ <EmailAddress>mailto:helpdesk@su.se</EmailAddress>
+ <TelephoneNumber>+46 8 16 1999</TelephoneNumber>
+ </ContactPerson>
+</EntityDescriptor>
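Review bot: The new `IDPSSODescriptor` and `AttributeAuthorityDescriptor` still advertise `urn:mace:shibboleth:1.0` and `urn:oasis:names:tc:SAML:1.1:protocol`, together with the Shibboleth 1.x `AuthnRequest` SSO endpoint and the SAML1 SOAP `ArtifactResolution`/`AttributeQuery` endpoints on port 8443. Every protocol published here is one that relying parties consuming the federation feed may select, so the legacy bindings remain part of the IdP's exposed surface for as long as they are listed. If no service provider depends on SAML 1.x (not visible from this file), I would register the entity as SAML 2.0 only, `<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">`, and drop the SAML1 `ArtifactResolutionService`, the `urn:mace:shibboleth:1.0:profiles:AuthnRequest` `SingleSignOnService`, the SAML1 `AttributeService` and the `urn:mace:shibboleth:1.0:nameIdentifier` `NameIDFormat` lines. Separately, each `<KeyDescriptor>` carries no `use` attribute, so the same key serves for both signing and encryption; a short XML comment stating that this is intended would help the next reviewer.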
diff --git a/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml b/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml
index 05ed857c..6449707a 100644
--- a/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml
+++ b/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml
@@ -1,148 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://idp-test.suni.se/adfs/services/trust">
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp-test.suni.se">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC4jCCAcqgAwIBAgIQek/EaOs9V7VFR7XG3cPV/TANBgkqhkiG9w0BAQsFADAtMSswKQYDVQQDEyJBREZTIEVuY3J5cHRpb24gLSBpZHAtdGVzdC5zdW5pLnNlMB4XDTE3MDIxNTE1NTM0MFoXDTE4MDIxNTE1NTM0MFowLTErMCkGA1UEAxMiQURGUyBFbmNyeXB0aW9uIC0gaWRwLXRlc3Quc3VuaS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMLnQfl7WTniCN9Y4WD6FGtQTtfrU7cto9w/1p3lPZynmiYZ2XoVLCIFOjshhnTtUWSdj5ajAXEWkTE0wuLJKIffDblJbUcdxi1V9uOkHoytCRV7sN48hGm5ayu2aT6j6272R0P7iLhaoU5QR/AWsyo4A/UDRirGa/m0pJyyfhSuHqFmkl9f5voLZLvweHrgWj+ie1xkACeeiKnykKqLgBf4LI5z+PMlhMGbLTGsmH5+ljwUmBqiXh2FMG62//gOBDs7wq1iZIm1DV/4b7yKJrTJgStrgo7XVZfj9+BMbc3NRdYgL/WG6E4t6WP2rhtflDY9/xNm1l5nIW7Wd3+S760CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEABc10A6vq9oVHSxmqh7+hwpT8l6eRZhiBDmNAGUovbLnXeytV02vZc6IXNEI72Qzhh6g0FiGSucxRTrUyMX9FtjR/vBwk16KSLQn0FNNBxqV8Wet9mE5R+1fPGWzulp8YQtz5J31xchGoMieJ7M+TLV1Od0iQSqa3/9pfVV35ui4kiPXSyFhUtvRAn+fvSi8RYg6DVB4IRUskLOEMlYRq1SH8JfaiCwdbd5IzDA7Pe60qxrPVOyBJRylfR770ubyJAxhIvfU2m2nKOw2jALD98jDjQ7/1Nli9kA7vdf2NsMUgR76qGczGepjF2l4MIpV22RwMVbfnVsaC0mTpHMdQkg==</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://idp-test.suni.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp-test.suni.se">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:mace:dir:attribute-def:eduPersonEntitlement" Optional="true">
- <auth:DisplayName>eduPersonEntitlement</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" Optional="true">
- <auth:DisplayName>eduPersonScopedAffiliation</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:mace:dir:attribute-def:norEduPersonNIN" Optional="true">
- <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:mace:dir:attribute-def:vfu" Optional="true">
- <auth:DisplayName>vfu</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/cn" Optional="true">
- <auth:DisplayName>cn</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" Optional="true">
- <auth:DisplayName>Display Name</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://idp-test.suni.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-test.suni.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -202,25 +59,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.suni.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.suni.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:dir:attribute-def:eduPersonEntitlement" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:dir:attribute-def:norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:dir:attribute-def:vfu" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="vfu"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/cn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Display Name"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Södertörns högskola</OrganizationName>
diff --git a/swamid-2.0/idp-v2.konstfack.se-adfs-services-trust.xml b/swamid-2.0/idp-v2.konstfack.se-adfs-services-trust.xml
index 05f86228..62e3371b 100644
--- a/swamid-2.0/idp-v2.konstfack.se-adfs-services-trust.xml
+++ b/swamid-2.0/idp-v2.konstfack.se-adfs-services-trust.xml
@@ -4,622 +4,6 @@
<shibmd:Scope regexp="false">konstfack.se</shibmd:Scope>
<shibmd:Scope regexp="false">student.konstfack.se</shibmd:Scope>
</Extensions>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp-v2.konstfack.se">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeID" Optional="true">
- <auth:DisplayName>employeeID</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp-v2.konstfack.se">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeID" Optional="true">
- <auth:DisplayName>employeeID</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://idp-v2.konstfack.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.konstfack.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-v2.konstfack.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-v2.konstfack.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-v2.konstfack.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idp-v2.konstfack.se/adfs/ls/" index="1"/>
- </SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">konstfack.se</shibmd:Scope>
@@ -662,71 +46,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-v2.konstfack.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-v2.konstfack.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="employeeID"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Konstfack</OrganizationName>
@@ -739,7 +58,7 @@
<ContactPerson contactType="support">
<GivenName>Håkan</GivenName>
<SurName>Pettersson</SurName>
- <EmailAddress>netsupport@konstfack.se</EmailAddress>
+ <EmailAddress>mailto:netsupport@konstfack.se</EmailAddress>
<TelephoneNumber>+46-8-4504100</TelephoneNumber>
</ContactPerson>
</EntityDescriptor>
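Review bot: The only contact visible in this hunk is the `contactType="support"` entry directly before `</EntityDescriptor>`, so from here it is not clear that the entity publishes an incident-response address. Earlier `ContactPerson` elements lie outside the hunk and may already cover this. If none does, consider adding a REFEDS security contact next to it, using a role mailbox in the same `mailto:` form this change introduces: `<ContactPerson contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">`. Since the `mailto:` prefix is being corrected by hand here, a schema or lint step in the metadata build that rejects a non-URI `EmailAddress` would keep the next entity from regressing, assuming the pipeline does not already do this.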
diff --git a/swamid-2.0/idp-v2.suni.se-adfs-services-trust.xml b/swamid-2.0/idp-v2.suni.se-adfs-services-trust.xml
index 71f738b2..89712104 100644
--- a/swamid-2.0/idp-v2.suni.se-adfs-services-trust.xml
+++ b/swamid-2.0/idp-v2.suni.se-adfs-services-trust.xml
@@ -3,605 +3,6 @@
<Extensions>
<shibmd:Scope xmlns="" regexp="false">suni.se</shibmd:Scope>
</Extensions>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp-v2.suni.se">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" Optional="true">
- <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp-v2.suni.se">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" Optional="true">
- <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/eduPersonEntitlement" Optional="true">
- <auth:DisplayName>eduPersonEntitlement</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" Optional="true">
- <auth:DisplayName>eduPersonScopedAffiliation</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://idp-v2.suni.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp-v2.suni.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -660,73 +61,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-v2.suni.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-v2.suni.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonEntitlement" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Södertörns högskola</OrganizationName>
diff --git a/swamid-2.0/idp.chalmers.se-adfs-services-trust.xml b/swamid-2.0/idp.chalmers.se-adfs-services-trust.xml
index 5b837945..6880b119 100644
--- a/swamid-2.0/idp.chalmers.se-adfs-services-trust.xml
+++ b/swamid-2.0/idp.chalmers.se-adfs-services-trust.xml
@@ -8,286 +8,6 @@
</saml:Attribute>
</attr:EntityAttributes>
</Extensions>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp.chalmers.se">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://idp.chalmers.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp.chalmers.se">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://idp.chalmers.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://idp.chalmers.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.chalmers.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idp.chalmers.se/adfs/ls/" index="1"/>
- </SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">chalmers.se</shibmd:Scope>
@@ -334,27 +54,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.chalmers.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="en">CHALMERS</OrganizationName>
diff --git a/swamid-2.0/idp.dev.eduid.se-idp.xml.xml b/swamid-2.0/idp.dev.eduid.se-idp.xml.xml
index 063a87a3..15ff70e3 100644
--- a/swamid-2.0/idp.dev.eduid.se-idp.xml.xml
+++ b/swamid-2.0/idp.dev.eduid.se-idp.xml.xml
@@ -1,5 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:mace:shibboleth:metadata:1.0" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.dev.eduid.se/idp.xml">
+ <ns0:Extensions>
+ <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/authentication/swamid-al2-mfa</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/authentication/swamid-al2-mfa-hi</saml:AttributeValue>
+ </saml:Attribute>
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+ </samla:Attribute>
+ </attr:EntityAttributes>
+ </ns0:Extensions>
<ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<ns0:Extensions>
<ns1:Scope regexp="false">eduid.se</ns1:Scope>
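Review bot: The added `assurance-certification` values (`al1`, `al2`, `swamid-al2-mfa`, `swamid-al2-mfa-hi`) are attached to `https://idp.dev.eduid.se/idp.xml`, which by its name looks like a development IdP, and the context line below shows it scoped to `eduid.se` rather than a dev-only scope. Relying parties that admit or filter IdPs on these assurance URIs would treat this entity as certified, so please confirm it has been approved for all four profiles or is only published in a test aggregate. A comment above the attribute, such as `<!-- assurance profiles approved for this entity: APPROVAL-RECORD-PLACEHOLDER -->`, would let the next reviewer check that. The block also binds the same assertion namespace to two prefixes, `saml:` and `samla:`; using one prefix for both attributes would keep future diffs smaller.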
diff --git a/swamid-2.0/idp.it.su.se-idp-shibboleth.xml b/swamid-2.0/idp.it.su.se-idp-shibboleth.xml
index 0d5e60fd..68577b60 100644
--- a/swamid-2.0/idp.it.su.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.it.su.se-idp-shibboleth.xml
@@ -2,6 +2,10 @@
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.it.su.se/idp/shibboleth">
<Extensions>
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns="" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">
+ <samla:AttributeValue>http://www.swamid.se/policy/assurance/al1</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/policy/assurance/al2</samla:AttributeValue>
+ </samla:Attribute>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
<saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
<saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
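Review bot: The new `samla:Attribute` opening tag carries `xmlns=""`, which undeclares the default namespace for its subtree. It has no effect today because every child is `samla:`-prefixed, but it looks like a tool artifact, and any unprefixed child added later would silently fall out of the metadata namespace. I would drop it so the tag reads `<samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">`. The sibling attribute below uses the `saml:` prefix for the same namespace, so aligning the two would also be tidier. The enclosing `mdattr:EntityAttributes` element closes outside this hunk.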
diff --git a/swamid-2.0/idp2.it.gu.se-idp-shibboleth.xml b/swamid-2.0/idp2.it.gu.se-idp-shibboleth.xml
index 495ec9eb..7476399d 100644
--- a/swamid-2.0/idp2.it.gu.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp2.it.gu.se-idp-shibboleth.xml
@@ -1,10 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
- This is example metadata only. Do *NOT* supply it as is without review,
- and do *NOT* provide it in real time to your partners.
-
- This metadata is not dynamic - it will not change as your configuration changes.
--->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp2.it.gu.se/idp/shibboleth">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
@@ -188,7 +182,5 @@ ocfXlxiISI9q8HuuNs3FvJhJZWITD4pgq6hDioWmYyDa5Xjr7d9e2oOJD9C25Te2
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.it.gu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
- <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.it.gu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
- <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
</AttributeAuthorityDescriptor>
</EntityDescriptor>
diff --git a/swamid-2.0/indico.test.uu.se-shibboleth.xml b/swamid-2.0/indico.test.uu.se-shibboleth.xml
new file mode 100644
index 00000000..c196de44
--- /dev/null
+++ b/swamid-2.0/indico.test.uu.se-shibboleth.xml
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://indico.test.uu.se/shibboleth">
+ <md:Extensions>
+ <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+ </samla:Attribute>
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification">
+ <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://indico.test.uu.se/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://indico.test.uu.se/Shibboleth.sso/Login" index="1"/>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Indico TEST</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Indico TEST</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Indico är ett evenemangshanteringssystem för möten, konferenser och föreläsningar.</mdui:Description>
+ <mdui:Description xml:lang="en">Indico is an event management system for meetings, conferences and lectures.</mdui:Description>
+ <mdui:Logo xml:lang="en" height="52" width="196">https://indico.test.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="52" width="196">https://indico.test.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:InformationURL xml:lang="en">https://indico.test.uu.se/about</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://indico.test.uu.se/static/custom/privacy-policy-en</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://indico.test.uu.se/static/custom/privacy-policy-sv</mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>uuc-web031-t.its.uu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=uuc-web031-t.its.uu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGTCCAgGgAwIBAgIJAKmas4P9C3JXMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV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+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://indico.test.uu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://indico.test.uu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://indico.test.uu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://indico.test.uu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://indico.test.uu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://indico.test.uu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://indico.test.uu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://indico.test.uu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://indico.test.uu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://indico.test.uu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://indico.test.uu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://indico.test.uu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://indico.test.uu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://indico.test.uu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">Indico TEST</md:ServiceName>
+ <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="sv">Uppsala universitet</md:OrganizationName>
+ <md:OrganizationName xml:lang="en">Uppsala University</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="sv">Uppsala universitet</md:OrganizationDisplayName>
+ <md:OrganizationDisplayName xml:lang="en">Uppsala University</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="sv">http://www.uu.se/</md:OrganizationURL>
+ <md:OrganizationURL xml:lang="en">http://www.uu.se/en/</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:Company>Uppsala universitet</md:Company>
+ <md:EmailAddress>mailto:drift@uadm.uu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
+ <md:GivenName>Uppsala University Computer Security Incident Response Team</md:GivenName>
+ <md:EmailAddress>mailto:security@uu.se</md:EmailAddress>
+ <md:TelephoneNumber>+46-18-4717560</md:TelephoneNumber>
+ </md:ContactPerson>
+</md:EntityDescriptor>
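Review bot: The `alg:DigestMethod`/`alg:SigningMethod` list in the entity-level `md:Extensions` still advertises SHA-1 (`xmldsig#sha1`, `rsa-sha1`, `dsa-sha1`, `ecdsa-sha1`), and the `md:KeyDescriptor` lists `xmlenc#tripledes-cbc`; this looks like unedited SP-generated metadata, inferred from the `/Shibboleth.sso/` handler paths. A peer may pick any algorithm the metadata advertises, so I would drop those entries before registration and keep only the SHA-2 digests and signatures and the AES methods. The SAML 1.x `md:AssertionConsumerService` endpoints (index 5 and 6) and the `SAML:1.1:protocol` / `SAML:1.0:protocol` tokens in `protocolSupportEnumeration` widen the exposure of a test instance in the same way and can go unless a SAML1 IdP is really needed. The single `md:KeyDescriptor` has no `use` attribute, so one key serves both signing and encryption; if that is intended, an XML comment saying so would help the next reviewer.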
diff --git a/swamid-2.0/itslearning.com.xml b/swamid-2.0/itslearning.com.xml
deleted file mode 100644
index 774682d5..00000000
--- a/swamid-2.0/itslearning.com.xml
+++ /dev/null
@@ -1,122 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:mace:saml2v2.no:services:com.itslearning">
- <Extensions>
- <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
- <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
- <samla:AttributeValue>http://www.swamid.se/category/eu-adequate-protection</samla:AttributeValue>
- </samla:Attribute>
- </attr:EntityAttributes>
- </Extensions>
- <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <Extensions>
- <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="en">itslearning</mdui:DisplayName>
- <mdui:DisplayName xml:lang="sv">itslearning</mdui:DisplayName>
- <mdui:Description xml:lang="en">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
- <mdui:Description xml:lang="sv">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
- <mdui:InformationURL xml:lang="sv">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
- <mdui:InformationURL xml:lang="en">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
- <mdui:PrivacyStatementURL xml:lang="sv">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
- <mdui:PrivacyStatementURL xml:lang="en">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
- </mdui:UIInfo>
- </Extensions>
- <KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>
- MIIGIzCCBQugAwIBAgIRALUG/lMf4ilOPuZcvQG5yDowDQYJKoZIhvcNAQELBQAw
- gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
- BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
- VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
- ZXJ2ZXIgQ0EwHhcNMTUwNzE0MDAwMDAwWhcNMTgwNzEzMjM1OTU5WjCCAQUxCzAJ
- BgNVBAYTAk5PMQ0wCwYDVQQREwQ1MDU5MRIwEAYDVQQIEwlIT1JEQUxBTkQxDzAN
- BgNVBAcTBkJlcmdlbjEcMBoGA1UECRMTRWR2YXJkIEdyaWVncyBWZWkgMzEYMBYG
- A1UEChMPSXRzIExlYXJuaW5nIEFTMRswGQYDVQQLExJpdHNsZWFybmluZyBGcmFu
- Y2UxNTAzBgNVBAsTLElzc3VlZCB0aHJvdWdoIEl0cyBMZWFybmluZyBBUyBFLVBL
- SSBNYW5hZ2VyMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEdMBsGA1UEAxMUYXV0
- aC5pdHNsZWFybmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
- AQCnMiSYW33IAVgQLVF/43Ke524DM0pehzOVUrZJjwM+VNB5Iz1t0Zd5ZLJ71rPR
- HyYTrtlrwiW4bdCOXpj8q8r3x368YawR3vW9pTxvBzADDUE60HLqNnaLzXbEtgOJ
- x/fN/y1vEe/ysL7sFgfZYsK6Esa+ZckzRmhjhIA8Y7AzFxnUwo99S5/MfwAjRpkV
- lChPFgWFW4zecI+qj092VaDJHpfoGR15cv6onHrqUE8gqKsSZ2LrHrzNCoVGO00R
- RS0i0T+yEccvLB0GlIwgK1NJO3BPar25hIV2NHXTck5tn9iLlyXNChKZK0lJMACb
- kyiA4etM//NW0xCZG9DHVLCvAgMBAAGjggH4MIIB9DAfBgNVHSMEGDAWgBSa8yva
- z61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUziNakwabutZPrjgskjLsLwud1aMw
- DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
- AwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYB
- BQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBa
- BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S
- U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggr
- BgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t
- L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
- cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE
- MjAwghRhdXRoLml0c2xlYXJuaW5nLmNvbYIYd3d3LmF1dGguaXRzbGVhcm5pbmcu
- Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBWP/nHSKbTILdOwcCKxyTcG6IYDkUUnwFG
- QPRO8dRu0p55j5m2scN+svm3PqrejqNobeh80VcNahdHY/runY+JpzdXohBsS+oL
- E7t8lBPW4IlNpRi3OBOywnJ0cGIn5PyaMgDyQoWorgBey2m+wfVtWOlyqSIzHdDC
- +2lyPs5rvfbdSzfPeRv+D6/5k/GwCDOz+u/h0ynqDkZojEWShYP0ROckhhUQRxPl
- JNq2fHe+JwzyEqLJ/k5UcBzrwmzqy5K2Gaj2i6ySiAmoCVhF9/Dl5Tae6bv55IGI
- RZNHXVWClNE2/q9xZotJor1siWGA0F3sZjTHTYK7176mUNDWJyjX
- </ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>
- MIIGIzCCBQugAwIBAgIRALUG/lMf4ilOPuZcvQG5yDowDQYJKoZIhvcNAQELBQAw
- gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
- BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
- VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
- ZXJ2ZXIgQ0EwHhcNMTUwNzE0MDAwMDAwWhcNMTgwNzEzMjM1OTU5WjCCAQUxCzAJ
- BgNVBAYTAk5PMQ0wCwYDVQQREwQ1MDU5MRIwEAYDVQQIEwlIT1JEQUxBTkQxDzAN
- BgNVBAcTBkJlcmdlbjEcMBoGA1UECRMTRWR2YXJkIEdyaWVncyBWZWkgMzEYMBYG
- A1UEChMPSXRzIExlYXJuaW5nIEFTMRswGQYDVQQLExJpdHNsZWFybmluZyBGcmFu
- Y2UxNTAzBgNVBAsTLElzc3VlZCB0aHJvdWdoIEl0cyBMZWFybmluZyBBUyBFLVBL
- SSBNYW5hZ2VyMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEdMBsGA1UEAxMUYXV0
- aC5pdHNsZWFybmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
- AQCnMiSYW33IAVgQLVF/43Ke524DM0pehzOVUrZJjwM+VNB5Iz1t0Zd5ZLJ71rPR
- HyYTrtlrwiW4bdCOXpj8q8r3x368YawR3vW9pTxvBzADDUE60HLqNnaLzXbEtgOJ
- x/fN/y1vEe/ysL7sFgfZYsK6Esa+ZckzRmhjhIA8Y7AzFxnUwo99S5/MfwAjRpkV
- lChPFgWFW4zecI+qj092VaDJHpfoGR15cv6onHrqUE8gqKsSZ2LrHrzNCoVGO00R
- RS0i0T+yEccvLB0GlIwgK1NJO3BPar25hIV2NHXTck5tn9iLlyXNChKZK0lJMACb
- kyiA4etM//NW0xCZG9DHVLCvAgMBAAGjggH4MIIB9DAfBgNVHSMEGDAWgBSa8yva
- z61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUziNakwabutZPrjgskjLsLwud1aMw
- DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
- AwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYB
- BQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBa
- BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S
- U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggr
- BgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t
- L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
- cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE
- MjAwghRhdXRoLml0c2xlYXJuaW5nLmNvbYIYd3d3LmF1dGguaXRzbGVhcm5pbmcu
- Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBWP/nHSKbTILdOwcCKxyTcG6IYDkUUnwFG
- QPRO8dRu0p55j5m2scN+svm3PqrejqNobeh80VcNahdHY/runY+JpzdXohBsS+oL
- E7t8lBPW4IlNpRi3OBOywnJ0cGIn5PyaMgDyQoWorgBey2m+wfVtWOlyqSIzHdDC
- +2lyPs5rvfbdSzfPeRv+D6/5k/GwCDOz+u/h0ynqDkZojEWShYP0ROckhhUQRxPl
- JNq2fHe+JwzyEqLJ/k5UcBzrwmzqy5K2Gaj2i6ySiAmoCVhF9/Dl5Tae6bv55IGI
- RZNHXVWClNE2/q9xZotJor1siWGA0F3sZjTHTYK7176mUNDWJyjX
- </ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.itslearning.com/elogin/SingleLogoutHandler.aspx"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.itslearning.com/eLogin/AssertionConsumerService.aspx"/>
- </SPSSODescriptor>
- <Organization>
- <OrganizationName xml:lang="en">itslearning</OrganizationName>
- <OrganizationDisplayName xml:lang="en">itslearning</OrganizationDisplayName>
- <OrganizationURL xml:lang="en">http://www.itslearning.eu</OrganizationURL>
- </Organization>
- <ContactPerson xml:lang="en" contactType="technical">
- <EmailAddress>support@itslearning.com</EmailAddress>
- </ContactPerson>
- <ContactPerson xml:lang="en" contactType="support">
- <EmailAddress>support@itslearning.com</EmailAddress>
- </ContactPerson>
-</EntityDescriptor>
diff --git a/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml b/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
index 3f3def10..c2e5177e 100644
--- a/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
+++ b/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
@@ -1,6 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://kantarainitiative.org/confluence/plugins/servlet/samlsso">
<md:SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Kantara Initiative</mdui:DisplayName>
+ <mdui:Description xml:lang="en">The Kantara Initiative is the global consortium improving trustworthy use of identity and personal data through innovation, standardization and good practice.</mdui:Description>
+ <mdui:Logo xml:lang="en" height="76" width="220">https://kantarainitiative.org/confluence/download/attachments/2293776/global.gif</mdui:Logo>
+ </mdui:UIInfo>
+ </md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
@@ -47,4 +54,9 @@ PMS4rjAWc41dsrr8CuH3t/NKbvDc9Rn6U+qLGttLcJ1Jlpw2i3fPGGJ+osSsX9+h3KUdLv9j7zJB
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kantarainitiative.org/confluence/plugins/servlet/samlsso" index="0"/>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Kantara Initiative Inc</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Kantara Initiative Inc</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://kantarainitiative.org</md:OrganizationURL>
+ </md:Organization>
</md:EntityDescriptor>
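Review bot: On the new side `md:Organization` is followed directly by `</md:EntityDescriptor>`, so the entity has no entity-level `md:ContactPerson`. The SP publishes a signing key and sets `WantAssertionsSigned="true"`, so federation operators and IdP admins need someone to reach for key rollover or incident handling. I would add at least a technical contact after `md:Organization`, e.g. `<md:ContactPerson contactType="technical"><md:EmailAddress>mailto:CONTACT_PLACEHOLDER</md:EmailAddress></md:ContactPerson>`, with the address supplied by the SP owner. A contact inside `md:SPSSODescriptor` may exist in the part of the file between the two hunks, which is not visible here.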
diff --git a/swamid-2.0/kauplay.kau.se.xml b/swamid-2.0/kauplay.kau.se.xml
new file mode 100644
index 00000000..f276e273
--- /dev/null
+++ b/swamid-2.0/kauplay.kau.se.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://kauplay.kau.se">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Kau play</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Kau play</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Detta är Karlstads universitets play tjänst</mdui:Description>
+ <mdui:Description xml:lang="en">This is Karlstad University's streaming service</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">https://play.kau.se/Om</mdui:InformationURL>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kauplay.kau.se/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kauplay.kau.se/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">KauPlay</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">KauPlay</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://kauplay.kau.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>mailto:saml@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
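Review bot: The entity asserts `http://refeds.org/category/research-and-scholarship` for what its own description calls a university streaming service. Many IdPs key automatic attribute release on that category, so it should be confirmed that the registrar vetted it and that it was not carried over from a template. The `mdui:UIInfo` block gives `mdui:InformationURL` only for `sv` and has no `mdui:PrivacyStatementURL`, and `md:SPSSODescriptor` carries no `md:AttributeConsumingService`, so an IdP operator cannot tell from the metadata which attributes are expected or under what terms. I would add `<mdui:InformationURL xml:lang="en">INFORMATION_URL_PLACEHOLDER</mdui:InformationURL>` and a privacy statement URL, or drop the category until the entry meets it.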
diff --git a/swamid-2.0/local.cloudmore.com-shibboleth.xml b/swamid-2.0/local.cloudmore.com-shibboleth.xml
index 31331663..25dc1b0e 100644
--- a/swamid-2.0/local.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/local.cloudmore.com-shibboleth.xml
@@ -32,7 +32,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
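Review bot: The replacement `mdui:PrivacyStatementURL` moves from an `https://` URL to `http://web.cloudmore.com/privacy/cloudmore-data-processing-terms`. IdP consent and discovery pages typically present this link to users, and a cleartext URL gives no integrity protection for the page they land on. If the host serves the page over TLS, use `<mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>`; the `mdui:InformationURL` context line above it is `http://` as well. The enclosing `mdui:UIInfo` starts outside the hunk.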
diff --git a/swamid-2.0/login.temp1235.hhs.se-adfs-services-trust.xml b/swamid-2.0/login.temp1235.hhs.se-adfs-services-trust.xml
index c8cd7f68..432e6b1a 100644
--- a/swamid-2.0/login.temp1235.hhs.se-adfs-services-trust.xml
+++ b/swamid-2.0/login.temp1235.hhs.se-adfs-services-trust.xml
@@ -1,599 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://login.temp1235.hhs.se/adfs/services/trust">
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Test ADFS4 - Handelshögskolan i Stockholm">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://www.hhs.se/ws/2005/05/claims/firstname" Optional="true">
- <auth:DisplayName>First Name</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://www.hhs.se/ws/2005/05/claims/lastname" Optional="true">
- <auth:DisplayName>Last Name</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://login.temp1235.hhs.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Test ADFS4 - Handelshögskolan i Stockholm">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://bullshit/id2" Optional="true">
- <auth:DisplayName>Dummy value</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://www.hhs.se/ws/2005/05/claims/firstname" Optional="true">
- <auth:DisplayName>First Name</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://www.hhs.se/ws/2005/05/claims/lastname" Optional="true">
- <auth:DisplayName>Last Name</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://login.temp1235.hhs.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://login.temp1235.hhs.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -641,72 +47,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.temp1235.hhs.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.temp1235.hhs.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://bullshit/id2" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Dummy value"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://www.hhs.se/ws/2005/05/claims/firstname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="First Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://www.hhs.se/ws/2005/05/claims/lastname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Last Name"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Handelshögskolan i Stockholm (TEST)</OrganizationName>
diff --git a/swamid-2.0/login1.fhs.se-adfs-services-trust.xml b/swamid-2.0/login1.fhs.se-adfs-services-trust.xml
index 4bd790bc..804a2289 100644
--- a/swamid-2.0/login1.fhs.se-adfs-services-trust.xml
+++ b/swamid-2.0/login1.fhs.se-adfs-services-trust.xml
@@ -1,28 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://login1.fhs.se/adfs/services/trust">
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login1.fhs.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login1.fhs.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login1.fhs.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://login1.fhs.se/adfs/ls/" index="1"/>
- </SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">fhs.se</shibmd:Scope>
@@ -35,8 +12,8 @@
<mdui:Description xml:lang="en">Identity Provider for Swedish Defence University</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.fhs.se</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">http://www.fhs.se/en/</mdui:InformationURL>
- <mdui:Logo xml:lang="sv" height="118" width="106">https://www.fhs.se/files/sidhuvud/logotyp-sv.jpg</mdui:Logo>
- <mdui:Logo xml:lang="en" height="116" width="103">https://www.fhs.se/files/sidhuvud/logotyp-en.jpg</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="671" width="2494">https://login1.fhs.se/adfs/portal/logo/logo.jpg</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="671" width="2494">https://login1.fhs.se/adfs/portal/logo/logo.jpg</mdui:Logo>
<mdui:Keywords xml:lang="sv">fhs</mdui:Keywords>
<mdui:Keywords xml:lang="en">fhs</mdui:Keywords>
</mdui:UIInfo>
@@ -91,6 +68,6 @@
<Company>Swedish Defence University</Company>
<SurName>FHS IT Helpdesk</SurName>
<EmailAddress>mailto:helpdesk@fhs.se</EmailAddress>
- <TelephoneNumber>+46 08 55342545</TelephoneNumber>
+ <TelephoneNumber>+46 8 55342545</TelephoneNumber>
</ContactPerson>
</EntityDescriptor>
diff --git a/swamid-2.0/lubcat.lub.lu.se-shibboleth.xml b/swamid-2.0/lubcat.lub.lu.se-shibboleth.xml
new file mode 100644
index 00000000..7b542aef
--- /dev/null
+++ b/swamid-2.0/lubcat.lub.lu.se-shibboleth.xml
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://lubcat.lub.lu.se/shibboleth">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://lubcat.lub.lu.se/Shibboleth.sso/Login"/>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">LUBcat</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">LUBcat</mdui:DisplayName>
+ <mdui:Description xml:lang="en">LUBcat, the library catalogue at Lund University</mdui:Description>
+ <mdui:Description xml:lang="sv">LUBcat, bibliotekskatalogen vid Lunds universitet</mdui:Description>
+ <mdui:InformationURL xml:lang="en">https://lubcat.lub.lu.se</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="sv">https://lubcat.lub.lu.se</mdui:InformationURL>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>koha.lub.lu.se</ds:KeyName>
+ <ds:KeyName>lubcat.lub.lu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lubcat.lub.lu.se</ds:X509SubjectName>
+ <ds:X509Certificate>
+ MIIEBzCCAm+gAwIBAgIJAIHg4MxNUmPGMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
+ BAMTEGx1YmNhdC5sdWIubHUuc2UwHhcNMTgwNjExMTIzMDQ0WhcNMjgwNjA4MTIz
+ MDQ0WjAbMRkwFwYDVQQDExBsdWJjYXQubHViLmx1LnNlMIIBojANBgkqhkiG9w0B
+ AQEFAAOCAY8AMIIBigKCAYEA478CYAV83v5lkx8hEYaf7/o3EVMOzO6bOwZNYQXA
+ FZKdeKDREdoUFKdKESN0W9Zaf3jYh09HVAvyB4Op2FyYLD3WmBe7CsAmM9Lq4XHb
+ oD7VeNWHX6CEpwkqH9RUNOsrak+TWpn1a4GXIkr+OxGV6NlygT7SpeoCvobLaN/p
+ MB/KOttd+ZJn5zPq4G21pTqrwX2E9WfB2qhficu8ZPMpBPsCgdedNJ4RI/R/P+4M
+ Jbq5qw1w6HL5ABvEYhb3+QZnfTL51KQjLkAwChIXv3UMJ07zvnUPtv+a5px+loKZ
+ z/k/UvWmRpRqxW2ozu3ERLMomUGOpmTw7klsWhje3F5bkjihr12hxL4xueOxOepe
+ +oENcA7kEjN0k+LwyzWBIRpTqihGN96XAzxUDDzMHkvAFfGbXf/dujNKpq1TLUu3
+ BCwkGRp0wJPKJVM6zwj9Mpb2w7ikjGhB7QymtITTLMBkG+VP1/g8ZsSzvw2YXNe3
+ xCroPqROjrNFPpdLhUdFgZl9AgMBAAGjTjBMMCsGA1UdEQQkMCKCEGx1YmNhdC5s
+ dWIubHUuc2WGDmtvaGEubHViLmx1LnNlMB0GA1UdDgQWBBRGRbUDwyLZ2eb2CqbZ
+ mIpO8yb84DANBgkqhkiG9w0BAQsFAAOCAYEA4fnM3jPZJ9zLTZyKjGXKZ8iHS4zz
+ QU6uunRmYoJD+AsBvp2prwqheuRFNSubDie8SKGp6dDh7AB7tftgc0vpRw7V2Mjs
+ 6H7IChJFgyNNMwnE5RzCWtG9j3W9H4m/bDIbxv/wQ7VhPvb1KYJrzUtMdnk5e4zK
+ Isq2i3XNAcxl3QbfRTwPG9AHG/B/pC47whMZODuLn7Hpph/nN67uYzVFHDxGeV+e
+ IkAp1ME/ryAqL4rZSet1XkclYUmS48aopuDfpkc8cuklvb1RJPG9RZCG5r/hC4ru
+ Eiah3eRwEGOm7SZmdZqj5TxfBJ1Yb4JsKv8YipKX6FzgH2+pZ24UQbQOY1udJSTB
+ zE6te6lGnmK4XEttAgDsoJ4SpzWysOmwmEWfR/OjR1CLLWw+L2asChQMnBIjs4hD
+ 7kFnEFNDxKL+4WcCvRtmibI4F/VjdbzCUq1buF9aE4aethWECHR2umzuv2E8q0Ey
+ JIHl0vtDDiOXzxkUj9hAnkua5AhIWpkqePOP
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://lubcat.lub.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://lubcat.lub.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">LU</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Lund University</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">lu.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:Company>Lund University</md:Company>
+ <md:SurName>Dave Sherohman</md:SurName>
+ <md:EmailAddress>mailto:dave.sherohman@ub.lu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
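Review bot: The new lubcat entity advertises SHA-1 and 3DES as acceptable algorithms. The top-level `md:Extensions` lists `xmldsig#sha1` as a digest and `rsa-sha1`, `dsa-sha1` and `ecdsa-sha1` as signing methods, and the `md:KeyDescriptor` lists `xmlenc#tripledes-cbc` as an encryption method. This looks like unedited SP-generated metadata, and a peer that honours these hints could select one of the weak entries depending on its own configuration, so I would drop the SHA-1 and `tripledes-cbc` lines and keep the SHA-2 and AES-GCM entries. The `SPSSODescriptor` also declares SAML 1.0/1.1 protocol support with `SAML/POST` and `SAML/Artifact` consumer endpoints, which is worth confirming as actually required. Separately, `<md:OrganizationURL xml:lang="en">lu.se</md:OrganizationURL>` has no scheme and should be an absolute `https://` URL.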
diff --git a/swamid-2.0/medlem.consensus.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml b/swamid-2.0/medlem.consensus.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
new file mode 100644
index 00000000..dd5f9242
--- /dev/null
+++ b/swamid-2.0/medlem.consensus.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://medlem.consensus.liu.se/saml/simplesamlwww/module.php/saml/sp/metadata.php/AgeraMedlem">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Medlemsportalen</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Member Portal</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Medlemsportalen för Consensus Linköping</mdui:Description>
+ <mdui:Description xml:lang="en">Member Portal for Consensus Linköping</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDrDCCApQCCQDMDwvLD8QR3zANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCU0UxETAPBgNVBAcMCEhhbG1zdGFkMRswGQYDVQQKDBJNb250YW5pYSBTeXN0ZW0gQUIxFTATBgNVBAsMDEFnZXJhIE1lZGxlbTEgMB4GA1UEAwwXbWVkbGVtLmNvbnNlbnN1cy5saXUuc2UxHzAdBgkqhkiG9w0BCQEWEHdlYmJAbW9udGFuaWEuc2UwHhcNMTgwNzA0MTIxOTI2WhcNMjgwNzAzMTIxOTI2WjCBlzELMAkGA1UEBhMCU0UxETAPBgNVBAcMCEhhbG1zdGFkMRswGQYDVQQKDBJNb250YW5pYSBTeXN0ZW0gQUIxFTATBgNVBAsMDEFnZXJhIE1lZGxlbTEgMB4GA1UEAwwXbWVkbGVtLmNvbnNlbnN1cy5saXUuc2UxHzAdBgkqhkiG9w0BCQEWEHdlYmJAbW9udGFuaWEuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBu9VSSdGpSKvqukGYMhSNTBAB4Cnrq96xX2YaI/CpkBnBzESG5TI7ExRf1ezZZFj629oS6L9oYxJRioG8Nkz/z0K4eoApdLMVomxXkXNx9WgmlB1jPo16kP9m+ZB39A0SsxtrM0M7ooHUY0/35Dl+FzLAX2BrA/zcn3ChJqrC1aaPyLW4H3zlp1VV5Gs/UsRWrLm0mzrwv+M0YyI1sL87vKmKqjzA55QjR567/eU4wWTKBRsWOwtbQei42ef4WICl1U9bKmAviGVucxHO7ZDKEXfMlhnRv/qVWYqJxej0y/olidOEE562VtioQCP/L6CqbHaqYLa8nn1ms+jHL6hNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACfza86hMDbKnftHXmgwudphMd6eGOAdYJsUmkiPWO+zkUH1C3ZKjOetCAXYBYLZ+W3m5t0vX38J4ye97dJDoCLRg4qNipJ38AdJF+7SJUih8yDnT0IvXk6k3irxdGaq7GujouiR6i52KiObC7RKLviGri2203IZTLkP3Kf1BUSmrlluo8hWHDVf//CGfQnX29h+LWaz5DyEyLgNBjBWx6DO90n423Z2m1f4sdB8ITs1a8EyI3lL8tZTb6xtHWeAiTJV+UHXArODOsgFlvr9Kv7JhiNLyIXXjPoKlF+QRLiGzJq4w/I379gg3OorNhFI73JxTbYgs1QOtVnWmzWojt8=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://medlem.consensus.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-logout.php/AgeraMedlem"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://medlem.consensus.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://medlem.consensus.liu.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://medlem.consensus.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://medlem.consensus.liu.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Johan</md:GivenName>
+ <md:SurName>Sölve</md:SurName>
+ <md:EmailAddress>webb@montania.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
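Review bot: The technical contact's `<md:EmailAddress>webb@montania.se</md:EmailAddress>` has no URI scheme; SAML metadata types this element as a URI and other entries in this commit use the `mailto:` form, so it should read `<md:EmailAddress>mailto:webb@montania.se</md:EmailAddress>`. The entity asserts the `research-and-education` and `hei-service` categories, which IdPs may use to decide attribute release, yet its `mdui:UIInfo` has no `mdui:PrivacyStatementURL` or `mdui:InformationURL` and the file has no `md:Organization` block; whether federation policy requires these should be confirmed before publishing. The descriptor also advertises SAML 1.1 through `protocolSupportEnumeration` and the `saml1-acs.php` endpoints at index 1 and 3; if the portal only uses SAML 2.0, removing them reduces the legacy protocol surface registered for this SP. The same three points apply to the medlem.gotastudentkar.se, medlem.lintek.liu.se and medlem.stuff.liu.se files added after this one.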
diff --git a/swamid-2.0/medlem.gotastudentkar.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml b/swamid-2.0/medlem.gotastudentkar.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
new file mode 100644
index 00000000..d036cc0c
--- /dev/null
+++ b/swamid-2.0/medlem.gotastudentkar.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://medlem.gotastudentkar.se/saml/simplesamlwww/module.php/saml/sp/metadata.php/AgeraMedlem">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Medlemsportalen</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Member Portal</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Medlemsportalen för Göta studentkår</mdui:Description>
+ <mdui:Description xml:lang="en">Member Portal for Göta studentkår</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDrjCCApYCCQDOi6fRpM1uGzANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCU0UxETAPBgNVBAcMCEhhbG1zdGFkMRswGQYDVQQKDBJNb250YW5pYSBTeXN0ZW0gQUIxFTATBgNVBAsMDEFnZXJhIE1lZGxlbTEhMB8GA1UEAwwYbWVkbGVtLmdvdGFzdHVkZW50a2FyLnNlMR8wHQYJKoZIhvcNAQkBFhB3ZWJiQG1vbnRhbmlhLnNlMB4XDTE4MDcwNDEzMzExN1oXDTI4MDcwMzEzMzExN1owgZgxCzAJBgNVBAYTAlNFMREwDwYDVQQHDAhIYWxtc3RhZDEbMBkGA1UECgwSTW9udGFuaWEgU3lzdGVtIEFCMRUwEwYDVQQLDAxBZ2VyYSBNZWRsZW0xITAfBgNVBAMMGG1lZGxlbS5nb3Rhc3R1ZGVudGthci5zZTEfMB0GCSqGSIb3DQEJARYQd2ViYkBtb250YW5pYS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMlY3sLNuur0tS9ZGkjFHkrH4xPL1K3u0HmuHyKMsfW8o7pB8/IhQnhpoCyN87C7NrIBEk+leFS2WOJ/5REBQM7+JFpOGBSx/SBAqKI6u6rmoXYuWsW+0MJlKFB04QD3bo0mWNdz5ZgmS39cddPBUwsPUMpRryA/JDgl2/yq8w4DHK8rN0j9thrMzpajbzztxE1RV9kF/wjBv/2hIvNaQs3qKRNEcVLwsP0rN5yfXbglRSBPyvpwhj1LJwdJ8lkMqQXcfKySmODB7vUCR2bz01WwaoPENzrKNTsDWootKnz1abNxi5N+vfKmvOTalg4g1yMqFhWyqnYV8hUvWAFpk60CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAg4qAK4Cb6Xbnt2IbFB6qrPrFelK+M8wO1Lo8zBziApQPxF2wlWkazODQrGxPl3gMWr8Y5LlwptdNQcmUzXL5Pm7dlKkvmh0inFnnDrZ+M1kzSw41qrs4Lf/mriHA0aOG7uXF17+sDZdVUVkBDt9YOys9tBw4sorPkrprOcmcGH4bLhLfJJrmsq3Viz84QY5pxuIEDN8viGdPRNGuhQTufMaoht6F00jEVCIj2FeCnubiCCzWDDVUR2wXrodQ/3eVS0mbzqb3AWwHn0EPevrkNZqF6x1Uab86z2zZ1E3y2zJRND8N5wGug8YQujyIXvvzuBNhfSiq7/XcHxKINYILwQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://medlem.gotastudentkar.se/saml/simplesamlwww/module.php/saml/sp/saml2-logout.php/AgeraMedlem"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://medlem.gotastudentkar.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://medlem.gotastudentkar.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://medlem.gotastudentkar.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://medlem.gotastudentkar.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Johan</md:GivenName>
+ <md:SurName>Sölve</md:SurName>
+ <md:EmailAddress>webb@montania.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/medlem.lintek.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml b/swamid-2.0/medlem.lintek.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
new file mode 100644
index 00000000..4c40343f
--- /dev/null
+++ b/swamid-2.0/medlem.lintek.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://medlem.lintek.liu.se/saml/simplesamlwww/module.php/saml/sp/metadata.php/AgeraMedlem">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Medlemsportalen</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Member Portal</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Medlemsportalen för Linköpings teknologers studentkår</mdui:Description>
+ <mdui:Description xml:lang="en">Member Portal for Linköping Union of Technology and Science Students</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://medlem.lintek.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-logout.php/AgeraMedlem"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://medlem.lintek.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://medlem.lintek.liu.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://medlem.lintek.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://medlem.lintek.liu.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Johan</md:GivenName>
+ <md:SurName>Sölve</md:SurName>
+ <md:EmailAddress>webb@montania.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/medlem.stuff.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml b/swamid-2.0/medlem.stuff.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
new file mode 100644
index 00000000..7751b612
--- /dev/null
+++ b/swamid-2.0/medlem.stuff.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://medlem.stuff.liu.se/saml/simplesamlwww/module.php/saml/sp/metadata.php/AgeraMedlem">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Medlemsportalen</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Member Portal</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Medlemsportalen för StuFF</mdui:Description>
+ <mdui:Description xml:lang="en">Member Portal for StuFF</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDpDCCAowCCQDTYedhFyC/YjANBgkqhkiG9w0BAQsFADCBkzELMAkGA1UEBhMCU0UxETAPBgNVBAcMCEhhbG1zdGFkMRswGQYDVQQKDBJNb250YW5pYSBTeXN0ZW0gQUIxFTATBgNVBAsMDEFnZXJhIE1lZGxlbTEcMBoGA1UEAwwTbWVkbGVtLnN0dWZmLmxpdS5zZTEfMB0GCSqGSIb3DQEJARYQd2ViYkBtb250YW5pYS5zZTAeFw0xODA3MDQxMjEzMDFaFw0yODA3MDMxMjEzMDFaMIGTMQswCQYDVQQGEwJTRTERMA8GA1UEBwwISGFsbXN0YWQxGzAZBgNVBAoMEk1vbnRhbmlhIFN5c3RlbSBBQjEVMBMGA1UECwwMQWdlcmEgTWVkbGVtMRwwGgYDVQQDDBNtZWRsZW0uc3R1ZmYubGl1LnNlMR8wHQYJKoZIhvcNAQkBFhB3ZWJiQG1vbnRhbmlhLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQoJmAJhgqKSS0MzTeeHeE56i04rUEddn9tu/x5F6boC+ggG14UnPUbXhCfo9ZjDHQO28+yCWdRhfWAmvCWfmKkhSx4CpgfE9Yn6mw8+CrssfUUUAkzvqddc7a3ZjL7LPmSntWi3zQE0fzUQv7X4YOzMc9mVQ2TMzy4aKhwGS6ib41m8T4AGRwUEZFbKMt+wDq3YslBfcTTQyc62cRGl3xNsc+Z39Pa43Sb6bqjc9IClpjHObXxRyUpnq2eRg6GRE8yR0wXQG4kwZZAZ/jXS5Mp7xMuCID6qFiNGC+c5AUhCJ8iLmqF+0wmgJq11MeNcng0LtFWNW6VDwlWqtTEdDQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAid7qCYqN9v+CrkPEIUUgSpUiqi+38KasiemtdjbcHL7qSqFjv+KpS5DSvSu+PWsr4q4unHtzzAl08HcKwr8xOab3w1t/qq20cocyPCD+nSJIbtc8kWF7hjj+R6DUFVxe9dK05GUAB7QQHovYIaKKQCyLcPwFJk+u2CK/rLfcQOI7tLmd/nUX+4AbEMa0hdETGJ4Ahfp9lP7PdxAmBmR2WWa5gdga9C8dwuLphzeJtEdXpVBiyocfeUZB8mHNExRezzjFVp/K5QfHnXeTGO6CNrdX4F41BASRmCPTMQYTjFcMfRGpmJIdF4qCloFubbPEXSnGi909x2gdYyH6p3LFz</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://medlem.stuff.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-logout.php/AgeraMedlem"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://medlem.stuff.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://medlem.stuff.liu.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://medlem.stuff.liu.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://medlem.stuff.liu.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Johan</md:GivenName>
+ <md:SurName>Sölve</md:SurName>
+ <md:EmailAddress>webb@montania.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/openexam.bmc.uu.se-simplesaml.xml b/swamid-2.0/openexam.bmc.uu.se-simplesaml.xml
index 7108da8a..fe46a178 100644
--- a/swamid-2.0/openexam.bmc.uu.se-simplesaml.xml
+++ b/swamid-2.0/openexam.bmc.uu.se-simplesaml.xml
@@ -12,15 +12,14 @@
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<mdui:UIInfo>
+ <mdui:DisplayName xml:lang="sv">OpenExam - Elektroniska tentor (CBE)</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">OpenExam - Electronic Exams (CBE)</mdui:DisplayName>
- <mdui:DisplayName xml:lang="sv">OpenExam - Elektroniska Tentor (CBE)</mdui:DisplayName>
- <mdui:Description xml:lang="en">OpenExam is a service platform for cunducting electronic exams.</mdui:Description>
- <mdui:Description xml:lang="sv">OpenExam är en service platform för att genomföra elektroniska tentor.</mdui:Description>
- <mdui:InformationURL xml:lang="en">http://openexam.bmc.uu.se/about</mdui:InformationURL>
- <mdui:InformationURL xml:lang="sv">http://openexam.bmc.uu.se/about</mdui:InformationURL>
- <mdui:PrivacyStatementURL xml:lang="en">http://openexam.bmc.uu.se/privacy</mdui:PrivacyStatementURL>
- <mdui:PrivacyStatementURL xml:lang="sv">http://openexam.bmc.uu.se/privacy</mdui:PrivacyStatementURL>
- <mdui:Logo width="100" height="100">https://openexam.bmc.uu.se/images/logo-medium-normal.png</mdui:Logo>
+ <mdui:Description xml:lang="sv">OpenExam är en serviceplattform för att genomföra elektroniska tentor.</mdui:Description>
+ <mdui:Description xml:lang="en">OpenExam is a service platform for conducting electronic exams.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">https://openexam.test.uu.se/about-sv</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">https://openexam.test.uu.se/about-en</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://openexam.test.uu.se/privacy-policy-sv</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://openexam.test.uu.se/privacy-policy-en</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor use="signing">
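Review bot: The new `mdui:InformationURL` and `mdui:PrivacyStatementURL` values point at `openexam.test.uu.se`, while this file and the `AssertionConsumerService` location visible in the next hunk belong to `openexam.bmc.uu.se`. Login and consent pages that render UIInfo would show users these links, so the privacy statement for the production service would come from what looks like a test host; if that is not intended, the four URLs should use the production host. The `mdui:Logo` line is also removed without a replacement, which may be deliberate but is worth confirming. The enclosing `md:SPSSODescriptor` continues outside this hunk.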
@@ -45,20 +44,19 @@
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://openexam.bmc.uu.se/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
</md:SPSSODescriptor>
<md:Organization>
- <md:OrganizationName xml:lang="en">Uppsala University</md:OrganizationName>
<md:OrganizationName xml:lang="sv">Uppsala universitet</md:OrganizationName>
- <md:OrganizationDisplayName xml:lang="en">Uppsala University</md:OrganizationDisplayName>
+ <md:OrganizationName xml:lang="en">Uppsala University</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="sv">Uppsala universitet</md:OrganizationDisplayName>
- <md:OrganizationURL xml:lang="en">http://www.uu.se</md:OrganizationURL>
+ <md:OrganizationDisplayName xml:lang="en">Uppsala University</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="sv">http://www.uu.se/</md:OrganizationURL>
+ <md:OrganizationURL xml:lang="en">http://www.uu.se/en/</md:OrganizationURL>
</md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:Company>Uppsala universitet</md:Company>
+ <md:EmailAddress>mailto:drift@uadm.uu.se</md:EmailAddress>
+ </md:ContactPerson>
<md:ContactPerson contactType="support">
- <md:GivenName>OpenExam</md:GivenName>
+ <md:Company>Uppsala universitet</md:Company>
<md:EmailAddress>mailto:openexam@bmc.uu.se</md:EmailAddress>
</md:ContactPerson>
- <md:ContactPerson contactType="technical">
- <md:GivenName>Anders</md:GivenName>
- <md:SurName>Lövgren</md:SurName>
- <md:EmailAddress>mailto:anders.lovgren@bmc.uu.se</md:EmailAddress>
- <md:TelephoneNumber>+46 18 4714016</md:TelephoneNumber>
- </md:ContactPerson>
</md:EntityDescriptor>
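Review bot: The two `md:OrganizationURL` values added here still use plain HTTP (`http://www.uu.se/` and `http://www.uu.se/en/`), although the previous hunk of the same file moves the UIInfo links to `https://`. Login and consent pages may render these as links, so, assuming the site serves them over TLS, they would be better as `https://www.uu.se/` and `https://www.uu.se/en/`. The `md:EntityDescriptor` element starts outside this hunk.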
diff --git a/swamid-2.0/pilot.idp.eduid.se-idp.xml b/swamid-2.0/pilot.idp.eduid.se-idp.xml
deleted file mode 100644
index ff1e5deb..00000000
--- a/swamid-2.0/pilot.idp.eduid.se-idp.xml
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:mace:shibboleth:metadata:1.0" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://pilot.idp.eduid.se/idp.xml">
- <ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <ns0:Extensions>
- <ns1:Scope regexp="false">pilot.eduid.se</ns1:Scope>
- </ns0:Extensions>
- <ns0:KeyDescriptor use="encryption">
- <ns2:KeyInfo>
- <ns2:X509Data>
- <ns2:X509Certificate>MIIDXjCCAhagAwIBAgIEUpw56jANBgkqhkiG9w0BAQsFADAgMR4wHAYDVQQDExUy
-MDEzMTIwMi5pZHAuZWR1aWQuc2UwHhcNMTMxMjAyMDc0MjM2WhcNMTYxMjAxMDc0
-MzI5WjAgMR4wHAYDVQQDExUyMDEzMTIwMi5pZHAuZWR1aWQuc2UwggFSMA0GCSqG
-SIb3DQEBAQUAA4IBPwAwggE6AoIBMQDBUWjILLi4wc4It2A1IJHOx1ho87XAYYqR
-GPXGZg978+sJsesZamPR7wnxqYnXng+lCrKO3xEtrLE1JxzrEGY4xUMtnVOJmwgZ
-G8+TVmppZsmIu/sQd0+uF+fFAc9BgYx+xL/KEpJLDM/BaoQnt5AIz1L8iG3L6hur
-D8/79EN4Bp8tNG1WcX5Y8TjNk+4V9kd/GGZKaABH79aq2gD5W3F/j/A66b/qByq2
-LrbCZi1C9ED8X3oFeKXAQd/r82koj8ErKAaPfQXa6oxBn+hFwJ53bC4ixW84gOlI
-oAZovK7uAE9xBoJOoW86rGRfFhJy7Jl41JqsjbOXGwKG0Ze4i00yJskiNWDiZh5n
-ZgxnTY9vu1JMEIoVEhdaoeuXThUidFcHUKoGgfq8iQHIh9ehqhFpAgMBAAGjQDA+
-MAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUOJHQvHUg
-3gPXPmJFWbX+GzVCxWEwDQYJKoZIhvcNAQELBQADggExAIqLh7pcjkYAr3n3msYf
-PRasAPR+5OIdi7DSDNpPaPQnlSTGz0XwesxUvwhTuir7SDuqOzhoTW07jM8p8GQI
-1cxdaHxnaxF+O5iNkU5Pgx0XhyktXfGeB4uhB33bULN0SfpgaEyyXbOGTRz06Th4
-3AW90cP+5odC/z+yHhcOHq4VcdOg3jZZtTBghQ08u3i7cJLIG5Auc0PZb37hgLRy
-lAKHUrahuhbPDQhFjBwBX6rmRlDlMqNLhDdmlNPxg6xUbNpJIi6OnG/YpVRjbgcg
-1JUccanKdjA79iR/QeMGaJHmBm/iVTmq4XQSaeBi3nfkTrxZdHD+UsP7TXorwD9Y
-p5fHVO1o2XawoMuliRxlRkSbfW79b1XeKXBkV93clVkWc4M2VxBAsaT6yEwOLdif
-7js=
-</ns2:X509Certificate>
- </ns2:X509Data>
- </ns2:KeyInfo>
- </ns0:KeyDescriptor>
- <ns0:KeyDescriptor use="signing">
- <ns2:KeyInfo>
- <ns2:X509Data>
- <ns2:X509Certificate>MIIDXjCCAhagAwIBAgIEUpw56jANBgkqhkiG9w0BAQsFADAgMR4wHAYDVQQDExUy
-MDEzMTIwMi5pZHAuZWR1aWQuc2UwHhcNMTMxMjAyMDc0MjM2WhcNMTYxMjAxMDc0
-MzI5WjAgMR4wHAYDVQQDExUyMDEzMTIwMi5pZHAuZWR1aWQuc2UwggFSMA0GCSqG
-SIb3DQEBAQUAA4IBPwAwggE6AoIBMQDBUWjILLi4wc4It2A1IJHOx1ho87XAYYqR
-GPXGZg978+sJsesZamPR7wnxqYnXng+lCrKO3xEtrLE1JxzrEGY4xUMtnVOJmwgZ
-G8+TVmppZsmIu/sQd0+uF+fFAc9BgYx+xL/KEpJLDM/BaoQnt5AIz1L8iG3L6hur
-D8/79EN4Bp8tNG1WcX5Y8TjNk+4V9kd/GGZKaABH79aq2gD5W3F/j/A66b/qByq2
-LrbCZi1C9ED8X3oFeKXAQd/r82koj8ErKAaPfQXa6oxBn+hFwJ53bC4ixW84gOlI
-oAZovK7uAE9xBoJOoW86rGRfFhJy7Jl41JqsjbOXGwKG0Ze4i00yJskiNWDiZh5n
-ZgxnTY9vu1JMEIoVEhdaoeuXThUidFcHUKoGgfq8iQHIh9ehqhFpAgMBAAGjQDA+
-MAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUOJHQvHUg
-3gPXPmJFWbX+GzVCxWEwDQYJKoZIhvcNAQELBQADggExAIqLh7pcjkYAr3n3msYf
-PRasAPR+5OIdi7DSDNpPaPQnlSTGz0XwesxUvwhTuir7SDuqOzhoTW07jM8p8GQI
-1cxdaHxnaxF+O5iNkU5Pgx0XhyktXfGeB4uhB33bULN0SfpgaEyyXbOGTRz06Th4
-3AW90cP+5odC/z+yHhcOHq4VcdOg3jZZtTBghQ08u3i7cJLIG5Auc0PZb37hgLRy
-lAKHUrahuhbPDQhFjBwBX6rmRlDlMqNLhDdmlNPxg6xUbNpJIi6OnG/YpVRjbgcg
-1JUccanKdjA79iR/QeMGaJHmBm/iVTmq4XQSaeBi3nfkTrxZdHD+UsP7TXorwD9Y
-p5fHVO1o2XawoMuliRxlRkSbfW79b1XeKXBkV93clVkWc4M2VxBAsaT6yEwOLdif
-7js=
-</ns2:X509Certificate>
- </ns2:X509Data>
- </ns2:KeyInfo>
- </ns0:KeyDescriptor>
- <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pilot.idp.eduid.se/slo/soap"/>
- <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pilot.idp.eduid.se/slo/post"/>
- <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pilot.idp.eduid.se/slo/redirect"/>
- <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat>
- <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</ns0:NameIDFormat>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pilot.idp.eduid.se/sso/redirect"/>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pilot.idp.eduid.se/sso/post"/>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pilot.idp.eduid.se/sso/art"/>
- </ns0:IDPSSODescriptor>
- <ns0:Organization>
- <ns0:OrganizationName xml:lang="en">eduID PILOT</ns0:OrganizationName>
- <ns0:OrganizationDisplayName xml:lang="en">eduID PILOT</ns0:OrganizationDisplayName>
- <ns0:OrganizationURL xml:lang="en">http://www.eduid.se/</ns0:OrganizationURL>
- </ns0:Organization>
- <ns0:ContactPerson contactType="technical">
- <ns0:GivenName>eduID</ns0:GivenName>
- <ns0:SurName>developers</ns0:SurName>
- <ns0:EmailAddress>eduid-dev@SEGATE.SUNET.SE</ns0:EmailAddress>
- </ns0:ContactPerson>
- <ns0:ContactPerson contactType="support">
- <ns0:GivenName>Support</ns0:GivenName>
- <ns0:EmailAddress>support@eduid.se</ns0:EmailAddress>
- </ns0:ContactPerson>
-</ns0:EntityDescriptor>
diff --git a/swamid-2.0/play.ju.se.xml b/swamid-2.0/play.ju.se.xml
new file mode 100644
index 00000000..7197ef69
--- /dev/null
+++ b/swamid-2.0/play.ju.se.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://play.ju.se">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Jönköping University Play service</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Högskolan i Jönköping Playtjänst</mdui:DisplayName>
+ <mdui:Description xml:lang="en">This service is for presentation of videos from Jönköping University.</mdui:Description>
+ <mdui:Description xml:lang="sv">Denna tjänst används för presentationer av video från Högskolan i Jönköping.</mdui:Description>
+ <mdui:Logo height="77" width="299">https://lpw.hj.se/images/hj/gfx/hj-sv.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="77" width="299">https://lpw.hj.se/images/hj/gfx/hj-sv.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="77" width="299">https://lpw.hj.se/images/hj/gfx/hj-sv.png</mdui:Logo>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://play.ju.se/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://play.ju.se/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">JU play - Jönköping University</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">JU play - Jönköping University</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://play.ju.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>mailto:saml@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
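Review bot: The entity asserts `http://refeds.org/category/research-and-scholarship`, but its `mdui:UIInfo` has no `mdui:InformationURL`, which the REFEDS R&S registration criteria expect alongside `mdui:DisplayName`; adding one per language, and ideally an `mdui:PrivacyStatementURL`, would close that gap. All three `mdui:Logo` entries reference the same `hj-sv.png` on `lpw.hj.se`, a host outside the entity's `play.ju.se` domain, and the `xml:lang="en"` entry reuses the Swedish image. User-facing login pages may load that image, so confirm the host is under the operator's control and collapse the duplicates. The `mdui:UIInfo` visible in the play.mau.se.xml file added later in this commit likewise lacks `mdui:InformationURL`.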
diff --git a/swamid-2.0/play.kau.se.xml b/swamid-2.0/play.kau.se.xml
index c93fc6c8..1018b5c8 100644
--- a/swamid-2.0/play.kau.se.xml
+++ b/swamid-2.0/play.kau.se.xml
@@ -20,14 +20,14 @@
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
- <ds:X509Certificate>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</ds:X509Certificate>
+ <ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
- <ds:X509Certificate>MIICMjCCAZugAwIBAgIUJthSm5mO42eUMlr5toLKJCLgBMowDQYJKoZIhvcNAQEFBQAwPTEpMCcGA1UEAwwgMzAwLW1lZGlhc3BhY2Uua2FsdHVyYS5ub3JkdS5uZXQxEDAOBgNVBAoMB2thbHR1cmEwHhcNMTgwNDIwMTE1NTE1WhcNMTkwNDIwMTE1NTE1WjA9MSkwJwYDVQQDDCAzMDAtbWVkaWFzcGFjZS5rYWx0dXJhLm5vcmR1Lm5ldDEQMA4GA1UECgwHa2FsdHVyYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyiDNnoLi56KGDLRoJ0Y2dBj4G7++BtnhkBGqIB0AwF9O0hNgB5smGf6biR+D+qjhrux4tGLM3NBgeevoCBhb5aupP4/0MBeelhdDmoPfApYRVIXp0N0rSy0gVFRtr0sw9T0txuBq3jB/XzVHRmWA8dSm9H0kkoZEzWRViGWroPcCAwEAAaMvMC0wKwYDVR0RBCQwIoIgMzAwLW1lZGlhc3BhY2Uua2FsdHVyYS5ub3JkdS5uZXQwDQYJKoZIhvcNAQEFBQADgYEALwp3i9iN8738mOgmVLI6L/Q9CwtHpJ8HxPENk02v2gjOS5G81kkyjNT6cN5N5FXaLO/X3XmYMx/k3XWZuInvYHfWnGXb2geWycE1P/n150H4j7pq4RNKmoI0D2vlgdngcqjul/2iWjbUdEhOM3eZHbEdQA0Vwbk/PGV8mAuQfbI=</ds:X509Certificate>
+ <ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
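Review bot: Both the signing and the encryption `ds:X509Certificate` are replaced in place, so the old keys disappear from metadata at the same moment the new ones appear. IdPs that still hold cached metadata will keep using the old certificates until they refresh. Unless the SP can handle both key pairs during that window, a rollover normally publishes the new certificate as an additional `md:KeyDescriptor` first and removes the old one in a later commit. Before merging, it is worth confirming that this was coordinated with the SP operator. The `md:SPSSODescriptor` that holds these descriptors starts and ends outside the hunk.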
diff --git a/swamid-2.0/play.mau.se.xml b/swamid-2.0/play.mau.se.xml
new file mode 100644
index 00000000..e5b55e2a
--- /dev/null
+++ b/swamid-2.0/play.mau.se.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://play.mau.se">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Mau play</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Mau play</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Detta är Malmö universitets play tjänst</mdui:Description>
+ <mdui:Description xml:lang="en">This is Malmö University's streaming service</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://play.mau.se/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://play.mau.se/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Mau play</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Mau play</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://play.mau.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>mailto:saml@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
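Review bot: The new entity asserts `http://refeds.org/category/research-and-scholarship`, but its `mdui:UIInfo` carries neither `mdui:InformationURL` nor `mdui:PrivacyStatementURL`. The REFEDS R&S registration criteria expect an `mdui:InformationURL`, and IdPs that support the category release name, e-mail and identifier attributes on the strength of this tag alone, so users and IdP operators should be able to see what the service does with them. I would add both elements (with `xml:lang`) before publishing, or drop the category if the service only needs the transient NameID it declares. play.shh.se.xml, added later in this commit with the SWAMID categories, has the same gap in its `mdui:UIInfo`.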
diff --git a/swamid-2.0/play.sh.se.xml b/swamid-2.0/play.sh.se.xml
index 30ff7879..9cd72df0 100644
--- a/swamid-2.0/play.sh.se.xml
+++ b/swamid-2.0/play.sh.se.xml
@@ -41,7 +41,8 @@
<md:OrganizationURL xml:lang="en">https://play.sh.se</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
- <md:SurName>Administrator</md:SurName>
- <md:EmailAddress>saml_admin@kaltura.com</md:EmailAddress>
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>saml@media.nordu.net</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
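Review bot: The new `md:EmailAddress` is a bare address, while the same contact is written as `mailto:saml@media.nordu.net` in play.mau.se.xml in this commit. `EmailAddress` is a URI-typed element in SAML metadata, and validators or tools that render the technical contact as a link expect the scheme, so I would write `<md:EmailAddress>mailto:saml@media.nordu.net</md:EmailAddress>`. The new file play.shh.se.xml uses the same bare value and should get the same change, so the contact used for security and operational notices is usable from every entry.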
diff --git a/swamid-2.0/play.shh.se.xml b/swamid-2.0/play.shh.se.xml
new file mode 100644
index 00000000..05fa88e2
--- /dev/null
+++ b/swamid-2.0/play.shh.se.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://play.shh.se">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/nren-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Sophiahemmet University play service</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Sophiahemmet Högskolas playtjänst</mdui:DisplayName>
+ <mdui:Description xml:lang="en">This is Sophiahemmet University’s streaming service.</mdui:Description>
+ <mdui:Description xml:lang="sv">Detta är Sophiahemmet Högskolas playtjänst</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://play.shh.se/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://play.shh.se/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Sophiahemmet Högskola</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Sophiahemmet Högskola</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://play.shh.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>NORDUnet</md:GivenName>
+ <md:SurName>SAML Admin</md:SurName>
+ <md:EmailAddress>saml@media.nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
index fa1838e8..04f6f61e 100644
--- a/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
@@ -33,7 +33,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
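Review bot: The replacement `mdui:PrivacyStatementURL` drops the scheme from `https` to `http`. IdP login and consent pages show this link to users, and a plain-HTTP target can be altered or redirected in transit. The previous value was served from the same host over TLS, so `https://web.cloudmore.com/privacy/cloudmore-data-processing-terms` presumably resolves and should be used if it does. The same downgrade is made in staging-us.cloudmore.com-shibboleth.xml and staging.cloudmore.com-shibboleth.xml.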
diff --git a/swamid-2.0/proquest-ra21.mnt.se-shibboleth.xml b/swamid-2.0/proquest-ra21.mnt.se-shibboleth.xml
index 6fc8b4fe..049a34f3 100644
--- a/swamid-2.0/proquest-ra21.mnt.se-shibboleth.xml
+++ b/swamid-2.0/proquest-ra21.mnt.se-shibboleth.xml
@@ -1,8 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
-This is example metadata only. Do *NOT* supply it as is without review,
-and do *NOT* provide it in real time to your partners.
- -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://proquest-ra21.mnt.se/shibboleth">
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
@@ -78,4 +74,14 @@ ozpzY2SFlw==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://proquest-ra21.mnt.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://proquest-ra21.mnt.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">The RA21 Project</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Resource Access for the 21st Century (RA21)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://ra21.org</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>SWAMID</md:GivenName>
+ <md:SurName>Operations</md:SurName>
+ <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
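Review bot: The context of this hunk still lists SAML 1.x `md:AssertionConsumerService` endpoints (`browser-post` and `artifact-01`, index 5 and 6), although the preceding hunk removes the generated "example metadata only ... without review" banner. That combination suggests the Shibboleth-generated descriptor was published as-is rather than pruned. If the SP only speaks SAML 2.0, I would delete the SAML 1.x endpoints it does not use, so that IdPs are not told assertions may be delivered there. sciencedirect-ra21.mnt.se-shibboleth.xml gets the same banner removal with the same endpoints in context. The rest of the `md:SPSSODescriptor` is outside these hunks, so this is inferred from the visible lines only.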
diff --git a/swamid-2.0/ra.se-leg.se-shibboleth.xml b/swamid-2.0/ra.se-leg.se-shibboleth.xml
index 606c0459..a9af6272 100644
--- a/swamid-2.0/ra.se-leg.se-shibboleth.xml
+++ b/swamid-2.0/ra.se-leg.se-shibboleth.xml
@@ -26,10 +26,10 @@
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ra.se-leg.se/Shibboleth.sso/Login/eduid-dev"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ra.se-leg.se/Shibboleth.sso/Login/eduid"/>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ra.se-leg.se/Shibboleth.sso/Login/sunet-siths"/>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ra.se-leg.se/Shibboleth.sso/DS/swamid-test"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ra.se-leg.se/Shibboleth.sso/DS/swamid-test" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ra.se-leg.se/Shibboleth.sso/DS/ndn"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ra.se-leg.se/Shibboleth.sso/DS/ndn" index="1"/>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
@@ -37,29 +37,30 @@
<ds:KeyName>ra.se-leg.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=ra.se-leg.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAKj4PEYDXmGDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
-BAMTDHJhLnNlLWxlZy5zZTAeFw0xODA0MDYxMTI3MDlaFw0yODA0MDYxMTI3MDla
-MBcxFTATBgNVBAMTDHJhLnNlLWxlZy5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGP
-ADCCAYoCggGBAPBitjY82g71TZFD2FoQny+nWi47CWCDcfwac8KY2bli6Gbv1274
-by+g+KQPjvlf4rutKH8TCX0vLwW/Z8z3xKa1r9Jjntj91MdkXhj30+SB/NHvDdDX
-hjodh/o52Jq4STgFelXT8rPin9wl59AzixDYSc2FhvP1wgUm8yinl8I8DbYYntuk
-wEMg2jNpIfMD75fgZ/2OiIA07GtT2NYmidePP4Oh+6fnqm8UCdT78CAJq/68AWVn
-Nb4gPj/xVa/B6PNQfBbcMU4HhCbheog88oVuozkeVJGdcjkxDb/m0JajD7vCxg7A
-7vsUQEy73Xz5YkXSnbuvPSLWxw9LM3sNHPMGtiGEjXkTT0ivP8ck8q7yIng08ePL
-I7z4DE7HAQOtegsy83Wj09svOgD9f4Zbqs9hKZCIMZPEJ4plTEBCdOkjsBSFvv+d
-/pbTApQYgndvSQSX4DJhSpIuspBI7Jbbnom6PUfA/qcwz6OC3Ov9IpS5aQGW4A/Z
-nO+4CM+vuuvmtwIDAQABo1swWTA4BgNVHREEMTAvggxyYS5zZS1sZWcuc2WGH2h0
-dHBzOi8vcmEuc2UtbGVnLnNlL3NoaWJib2xldGgwHQYDVR0OBBYEFMjWjw0gad/q
-TG1L3UlhDczozvD9MA0GCSqGSIb3DQEBCwUAA4IBgQCwC0R5ll6/7Sfj4kdsMrfh
-AmAgwcf1IxqkjEPbhI1y5TRMLhB7Ajex1O2dClv/LcUn47gihDDeQPivWZMAOhSi
-VZ5zvPiFDLSq0qQCr71A/tZQSMTg4Soiy2Pdq9DIsxob2DHV23irjvl6HgdMhxXp
-FIoQ2lf9irpBLaNvOrp1js+FM4PrcAL1vMYUzcUSF01wOevaTtzL/qdQ/ISOmnEK
-TQQgR3l0tQ1DQmLQIrp1PIlrc9pqPf4m9UR10EcFr88Tl9eyBrNHmkXBDelmEFTj
-qGwPATq188LAtfp6xExopWG4OZo2ioiJ67ruOErNB4FXmOBI77/Q8ftWKhs+BsXE
-4tk58laYNiye7lEJym+7UeDMdIwGsOhQaQDaQc5HAfdlUaqLCTXEoXGvH/6dEfeH
-Rs8MaY+DpvgNti0cN9bXRD3aFqi5yC4tWiiHVpYts3442WPSNS3aXxPDgPs+aChd
-T19tniO2NrPKbky6hf0eG9p/Z3d05JLLmxujdGeASX4=
-</ds:X509Certificate>
+ <ds:X509Certificate>
+ MIIEDDCCAnSgAwIBAgIJAKj4PEYDXmGDMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
+ BAMTDHJhLnNlLWxlZy5zZTAeFw0xODA0MDYxMTI3MDlaFw0yODA0MDYxMTI3MDla
+ MBcxFTATBgNVBAMTDHJhLnNlLWxlZy5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBAPBitjY82g71TZFD2FoQny+nWi47CWCDcfwac8KY2bli6Gbv1274
+ by+g+KQPjvlf4rutKH8TCX0vLwW/Z8z3xKa1r9Jjntj91MdkXhj30+SB/NHvDdDX
+ hjodh/o52Jq4STgFelXT8rPin9wl59AzixDYSc2FhvP1wgUm8yinl8I8DbYYntuk
+ wEMg2jNpIfMD75fgZ/2OiIA07GtT2NYmidePP4Oh+6fnqm8UCdT78CAJq/68AWVn
+ Nb4gPj/xVa/B6PNQfBbcMU4HhCbheog88oVuozkeVJGdcjkxDb/m0JajD7vCxg7A
+ 7vsUQEy73Xz5YkXSnbuvPSLWxw9LM3sNHPMGtiGEjXkTT0ivP8ck8q7yIng08ePL
+ I7z4DE7HAQOtegsy83Wj09svOgD9f4Zbqs9hKZCIMZPEJ4plTEBCdOkjsBSFvv+d
+ /pbTApQYgndvSQSX4DJhSpIuspBI7Jbbnom6PUfA/qcwz6OC3Ov9IpS5aQGW4A/Z
+ nO+4CM+vuuvmtwIDAQABo1swWTA4BgNVHREEMTAvggxyYS5zZS1sZWcuc2WGH2h0
+ dHBzOi8vcmEuc2UtbGVnLnNlL3NoaWJib2xldGgwHQYDVR0OBBYEFMjWjw0gad/q
+ TG1L3UlhDczozvD9MA0GCSqGSIb3DQEBCwUAA4IBgQCwC0R5ll6/7Sfj4kdsMrfh
+ AmAgwcf1IxqkjEPbhI1y5TRMLhB7Ajex1O2dClv/LcUn47gihDDeQPivWZMAOhSi
+ VZ5zvPiFDLSq0qQCr71A/tZQSMTg4Soiy2Pdq9DIsxob2DHV23irjvl6HgdMhxXp
+ FIoQ2lf9irpBLaNvOrp1js+FM4PrcAL1vMYUzcUSF01wOevaTtzL/qdQ/ISOmnEK
+ TQQgR3l0tQ1DQmLQIrp1PIlrc9pqPf4m9UR10EcFr88Tl9eyBrNHmkXBDelmEFTj
+ qGwPATq188LAtfp6xExopWG4OZo2ioiJ67ruOErNB4FXmOBI77/Q8ftWKhs+BsXE
+ 4tk58laYNiye7lEJym+7UeDMdIwGsOhQaQDaQc5HAfdlUaqLCTXEoXGvH/6dEfeH
+ Rs8MaY+DpvgNti0cN9bXRD3aFqi5yC4tWiiHVpYts3442WPSNS3aXxPDgPs+aChd
+ T19tniO2NrPKbky6hf0eG9p/Z3d05JLLmxujdGeASX4=
+ </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
diff --git a/swamid-2.0/scalear-staging2.herokuapp.com.xml b/swamid-2.0/scalear-staging2.herokuapp.com.xml
index 38c468e7..cc7e33ba 100644
--- a/swamid-2.0/scalear-staging2.herokuapp.com.xml
+++ b/swamid-2.0/scalear-staging2.herokuapp.com.xml
@@ -19,7 +19,7 @@
<mdui:Description xml:lang="en">Blended learning platform for interactive in-class and online education.</mdui:Description>
<mdui:Description xml:lang="sv">Plattform för stöd av "flipped classroom" utbildning.</mdui:Description>
<mdui:InformationURL xml:lang="en">https://scalear-staging2.herokuapp.com/home/about</mdui:InformationURL>
- <mdui:PrivacyStatementURL xml:lang="en">https://scalear-staging2.herokuapp.com/home/privacy</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://www.scalable-learning.com/home/privacy</mdui:PrivacyStatementURL>
<mdui:Logo xml:lang="en" height="100" width="100">https://scalear-staging2.herokuapp.com/assets/logo-a66e557f3f93b4d5195033ba1a1527a3.png</mdui:Logo>
</mdui:UIInfo>
</md:Extensions>
@@ -27,26 +27,26 @@
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
- MIIDlDCCAnwCCQCyPGeQZpWxojANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC
- U0UxETAPBgNVBAgMCFNUT0NIT0xNMRIwEAYDVQQHDAlTVE9DS0hPTE0xGjAYBgNV
- BAoMEVNDQUxBQkxFIExFQVJOSU5HMRAwDgYDVQQLDAdzY2FsZWFyMScwJQYDVQQD
- DB5zY2FsZWFyLXN0YWdpbmcyLmhlcm9rdWFwcC5jb20wHhcNMTcwOTI3MDgzMzE1
- WhcNMTgwOTI3MDgzMzE1WjCBizELMAkGA1UEBhMCU0UxETAPBgNVBAgMCFNUT0NI
- T0xNMRIwEAYDVQQHDAlTVE9DS0hPTE0xGjAYBgNVBAoMEVNDQUxBQkxFIExFQVJO
- SU5HMRAwDgYDVQQLDAdzY2FsZWFyMScwJQYDVQQDDB5zY2FsZWFyLXN0YWdpbmcy
- Lmhlcm9rdWFwcC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb
- eSlTGpkeFTPqK4KByF4XWOGAo6IxPjS6VE5UIVWPhR5wcRH+TW2aF+te6qMrNV2P
- l+MFoBhCqs2hq8lodne7yo5IckZGMk0zJ5zBFXkcdgfXdXbVl8J/lS6G+i2xiQLb
- f8iZ4/TeGHWLBOMEPeigU3BDsw412jJYZEdQw9r9ohqppRPq38AHziY1ntbA/Fby
- GMkyn6AN0GxdzO+U0e+0axA6//67AFi3dFhr++zcYkqxlXrOaTxGZR/7OQ1Id52p
- 4a0rci2VD6VWQ4M1n557WZ51dmNfBMJhbW34j97qEDkAQqzwkaZXKkn18Zhg01b3
- kBj9dGaSQBGT1QzPZYa5AgMBAAEwDQYJKoZIhvcNAQELBQADggEBADyVvXFfsTwC
- YVoiFCaW2PfXO0dJgGRnNtIzkC8/iKXTnGjflb35ai+EpbSO7GsTMWZVyIzV71z8
- DxFM3Gfp6FTd8xlGGmtrwfJZnFqNNrrxm+YQSGk1l4Gal8ZdQ5l+5j65HRWMbYKP
- 298UYVliM/1Wh9jW94Q305PVfJD5Wpeu0OrXS0VPzlW+MOs5e2DAsO7OG0YoqH2z
- y20+gi5doZ33pHgiNwH1zMQIvVwAu9uQizSlgserIuhlEvnRfBkFLv/86RX9+54r
- 3aXwCBhr8rGwhonDuZYCGJNu3Qa5Yt1zLBOQJr+/U/sSEBq+ZDx9mI52PjG6sHTw
- EkfY5Bb1pkM=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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
diff --git a/swamid-2.0/sciencedirect-ra21.mnt.se-shibboleth.xml b/swamid-2.0/sciencedirect-ra21.mnt.se-shibboleth.xml
index b889c5f8..dab09836 100644
--- a/swamid-2.0/sciencedirect-ra21.mnt.se-shibboleth.xml
+++ b/swamid-2.0/sciencedirect-ra21.mnt.se-shibboleth.xml
@@ -1,8 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
-This is example metadata only. Do *NOT* supply it as is without review,
-and do *NOT* provide it in real time to your partners.
- -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sciencedirect-ra21.mnt.se/shibboleth">
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
@@ -78,4 +74,14 @@ yJh/Ogdw9ygHU2WVNt79W02hh9M6qw==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sciencedirect-ra21.mnt.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sciencedirect-ra21.mnt.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">The RA21 Project</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Resource Access for the 21st Century (RA21)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://ra21.org</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>SWAMID</md:GivenName>
+ <md:SurName>Operations</md:SurName>
+ <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/secure.urkund.com-shibboleth.xml b/swamid-2.0/secure.urkund.com-shibboleth.xml
index 0a29e7a5..48198556 100644
--- a/swamid-2.0/secure.urkund.com-shibboleth.xml
+++ b/swamid-2.0/secure.urkund.com-shibboleth.xml
@@ -95,6 +95,14 @@ gEln3A==
<md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Prio Infocenter AB</md:OrganizationName>
+ <md:OrganizationName xml:lang="sv">Prio Infocenter AB</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">URKUND / Prio Infocenter AB</md:OrganizationDisplayName>
+ <md:OrganizationDisplayName xml:lang="sv">URKUND / Prio Infocenter AB</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://www.urkund.com/en/</md:OrganizationURL>
+ <md:OrganizationURL xml:lang="sv">https://www.urkund.com/sv/</md:OrganizationURL>
+ </md:Organization>
<md:ContactPerson contactType="administrative">
<md:GivenName>Peter</md:GivenName>
<md:SurName>Witasp</md:SurName>
diff --git a/swamid-2.0/staging-us.cloudmore.com-shibboleth.xml b/swamid-2.0/staging-us.cloudmore.com-shibboleth.xml
index c8f0da66..bfa8d45f 100644
--- a/swamid-2.0/staging-us.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/staging-us.cloudmore.com-shibboleth.xml
@@ -31,7 +31,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://us.cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
diff --git a/swamid-2.0/staging.cloudmore.com-shibboleth.xml b/swamid-2.0/staging.cloudmore.com-shibboleth.xml
index ace5c6bd..bff5486c 100644
--- a/swamid-2.0/staging.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/staging.cloudmore.com-shibboleth.xml
@@ -34,7 +34,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
diff --git a/swamid-2.0/swamid-2.grandid.com-module.php-saml-sp-metadata.php-gu-swamid-draftit.xml b/swamid-2.0/swamid-2.grandid.com-module.php-saml-sp-metadata.php-gu-swamid-draftit.xml
new file mode 100644
index 00000000..5eb81b40
--- /dev/null
+++ b/swamid-2.0/swamid-2.grandid.com-module.php-saml-sp-metadata.php-gu-swamid-draftit.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://swamid-2.grandid.com/module.php/saml/sp/metadata.php/gu-swamid-draftit">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol" AuthnRequestsSigned="true">
+ <md:Extensions>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" index="1" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://swamid-2.grandid.com/module.php/saml/sp/discoresp.php"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIGoDCCBIigAwIBAgIEAIlfSzANBgkqhkiG9w0BAQsFADCBrTELMAkGA1UEBhMCU0UxEDAOBgNVBAgMB1VwcHNhbGExEDAOBgNVBAcMB1VwcHNhbGExHjAcBgNVBAoMFVN2ZW5zayBlLWlkZW50aXRldCBBQjELMAkGA1UECwwCSVQxJjAkBgNVBAMMHVN2ZW5zayBlLWlkZW50aXRldCBBQiBDQSBWMS4zMSUwIwYJKoZIhvcNAQkBFhZzdXBwb3J0QGUtaWRlbnRpdGV0LnNlMB4XDTE4MDQxODA4NTIwNFoXDTI4MDQxNTA4NTIwNFowgbYxKTAnBgNVBAMMIDJiNmQ2OTkwNjQ4NGIyNWRlMjU0NDQ4MTUzMzQ1MDdjMSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QGdyYW5kaWQuY29tMQswCQYDVQQGEwJTRTEQMA4GA1UECAwHVXBwc2FsYTEQMA4GA1UEBwwHVXBwc2FsYTEnMCUGA1UECgweU3ZlbnNrIGUtaWRlbnRpdGV0IEFCIC0gTm9TaWduMQswCQYDVQQLDAJJVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKDlJdE0PmySOXNRZ7SEpqw5ysXEtAe2z5aKJ20Yy4aj/4SGxVL7diC/+Ix/FNJ/LizRdCmGXhrz7NyrcUc+MHIWPGs6EHj1jXfqmuSct2CE/VW09J9Ted7hhtS2B70S71UjbPzAliTZaLAwHse61hEkvgdQ0y2VqsTuKMNwcHFUwk4pc9iXorWNX+YwilKnsfE0eo+phJOuEl8S0rMlgSVIRMHIDtiZ7b6bMaN1TkCo3jB+rJvCALmf3EiKNpqnSx+WX3dh5JuhyvyTac1aR1b4jh/bJsHADh5VW+F088vZiQnJPSQ/9uQkWkc7mNxWXTbGPEs9heTcGLbMkJnOuCcCAwEAAaOCAbswggG3MAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIYaKIFHDC8k7czWqLITtL4YyWweMIHiBgNVHSMEgdowgdeAFAJd5S5wqLzNqSli6PO2ajrfumBuoYGzpIGwMIGtMQswCQYDVQQGEwJTRTEQMA4GA1UECAwHVXBwc2FsYTEQMA4GA1UEBwwHVXBwc2FsYTEeMBwGA1UECgwVU3ZlbnNrIGUtaWRlbnRpdGV0IEFCMQswCQYDVQQLDAJJVDEmMCQGA1UEAwwdU3ZlbnNrIGUtaWRlbnRpdGV0IEFCIENBIFYxLjMxJTAjBgkqhkiG9w0BCQEWFnN1cHBvcnRAZS1pZGVudGl0ZXQuc2WCCQD0BDWW6SHeCDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cHM6Ly9jYS5ncmFuZGlkLmNvbS9jcmwvc3ZlbnNrZWlkLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAuKkBLdnmYVbaMzwFhWDBKS62vfPi5Q3LfRWhRwEuServf81ISwl8j6qmriNkCu/B12mt/c3SQhfsCp/eP1zwEZeoNAAfZ0eUn6ohQ7Xuw+GwXfTGY2tJdFZfsfkG/qwLQL1ZAW6v91dmnu6RgyBgqE8FjPiHRk2W6jnaH/D1LoDN9Xu23ZTmS7U+UngZWEH7WVvc5JALpwrJSUvzGgENG08N20Ec3kLN1bYUlimaacotPl1Ytj+fpRUdcLAyqOp4vyvER83k43oVq3ZubKw9ic1TCtlr/B5OZpKk1wItrOaPVJ3kTZUNZDNeZwagRnLo90yxvnoLM+gXX+6n3R1xKAcbFpXaVnJQtfZ7RfI2Mii7rl3BkL1OgXUpMbugmZENH2jMj+5on2
b7O91vgZ5DaOYfPELilra1yz/2I7tytjDgXHdIirNPuOAwZ5+hLvkJWTDLC6Dp9xiDCmFlEtndrbDNoEz+XyieMdcjTw4ppqB3X8EuTffBnQRYMYRfWI+Xstm1k/0hKtlUZ8Ub6TgZ8dmsqJYfDgUhcX4/VL1v3311IL5gaXfXOINAKL9r1RWtfbdLDeBpcU/5iNcBbYU97/qp/Frrk56tCzxupJhcT5qmS5t3lcRUvYzzAQaCVhf5cXGzZPtCRdypovj6rPwkx1WM2ZdXpkWyMBkUTI05juE=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://swamid-2.grandid.com/module.php/saml/sp/saml2-logout.php/gu-swamid-draftit"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://swamid-2.grandid.com/module.php/saml/sp/saml2-acs.php/gu-swamid-draftit" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://swamid-2.grandid.com/module.php/saml/sp/saml1-acs.php/gu-swamid-draftit" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://swamid-2.grandid.com/module.php/saml/sp/saml2-acs.php/gu-swamid-draftit" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://swamid-2.grandid.com/module.php/saml/sp/saml1-acs.php/gu-swamid-draftit/artifact" index="3"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="sv">Draftit</md:ServiceName>
+ <md:ServiceName xml:lang="en">Draftit</md:ServiceName>
+ <md:RequestedAttribute Name="givenName" isRequired="true"/>
+ <md:RequestedAttribute Name="sn" isRequired="true"/>
+ <md:RequestedAttribute Name="mail" isRequired="true"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="sv">Svensk E-identitet SP</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Svensk E-identitet AB</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.e-identitet.se/</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Svensk E-identitet / GrandID Support</md:GivenName>
+ <md:EmailAddress>support@grandid.com</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
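Review bot: The three `md:RequestedAttribute` elements use bare LDAP names (`givenName`, `sn`, `mail`) with no `NameFormat`, unlike the `urn:oid:` plus `attrname-format:uri` form seen in secure.urkund.com-shibboleth.xml in this commit. IdPs that drive attribute release from requested attributes match on the URI name, so these entries are likely to be ignored or to need manual release rules per IdP. I would write e.g. `<md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>`, with `urn:oid:2.5.4.42` for givenName and `urn:oid:2.5.4.4` for sn. The descriptor also advertises SAML 1.1 and artifact `AssertionConsumerService` endpoints, which are worth dropping if the SP does not use them.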
diff --git a/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml b/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
index d4b9cb89..1c34de10 100644
--- a/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
+++ b/swamid-2.0/te-id.statenssc.se-adfs-services-trust.xml
@@ -31,620 +31,6 @@
</KeyInfo>
</ds:Signature>
-->
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Annan myndighet">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:0.9.2342.19200300.100.1.3" Optional="true">
- <auth:DisplayName>E-post OID</auth:DisplayName>
- <auth:Description>Unik e-postadress med myndighetens officiella domän som suffix.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>Personnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.3" Optional="true">
- <auth:DisplayName>Organisationsnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>Förnamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>Efternamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.840.113556.1.2.102" Optional="true">
- <auth:DisplayName>sscName</auth:DisplayName>
- <auth:Description>Special namn från KB</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://te-id.statenssc.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Annan myndighet">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:0.9.2342.19200300.100.1.3" Optional="true">
- <auth:DisplayName>E-post OID</auth:DisplayName>
- <auth:Description>Unik e-postadress med myndighetens officiella domän som suffix.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>Personnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.3" Optional="true">
- <auth:DisplayName>Organisationsnummer OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>Förnamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>Efternamn OID</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/personnummer" Optional="true">
- <auth:DisplayName>Personnummer</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/organisationsnummer" Optional="true">
- <auth:DisplayName>Organisationsnummer</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" Optional="true">
- <auth:DisplayName>eduPersonPrincipalName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/myndighet" Optional="true">
- <auth:DisplayName>Myndighet</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://statenssc.se/claims/hermes" Optional="true">
- <auth:DisplayName>Hermes kod</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.5.1.1" Optional="true">
- <auth:DisplayName>member</auth:DisplayName>
- <auth:Description>member attribut till ReachMe (innehåller hermeskod)</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.3" Optional="true">
- <auth:DisplayName>cn</auth:DisplayName>
- <auth:Description>userID utanhermeskod till ReachMe</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://te-id.statenssc.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://te-id.statenssc.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
diff --git a/swamid-2.0/test-lubcat.lub.lu.se-shibboleth.xml b/swamid-2.0/test-lubcat.lub.lu.se-shibboleth.xml
deleted file mode 100644
index e66159db..00000000
--- a/swamid-2.0/test-lubcat.lub.lu.se-shibboleth.xml
+++ /dev/null
@@ -1,106 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://test-lubcat.lub.lu.se/shibboleth">
- <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
- <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
- <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc: SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
- <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
- </samla:Attribute>
- </mdattr:EntityAttributes>
- </md:Extensions>
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/Login"/>
- <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Test-Lubcat</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">Test-Lubcat</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Testsystem för Lubcat, kommande bibliotekskatalogen för Lunds
-unversitets bibliotek. ansvarig org.: Universitetsbiblioteket, LU</mdui:Description>
- <mdui:Description xml:lang="en">Testsystem för Lubcat, kommande bibliotekskatalogen för Lunds
-unversitets bibliotek. ansvarig org.: Universitetsbiblioteket, LU</mdui:Description>
- </mdui:UIInfo>
- </md:Extensions>
- <md:KeyDescriptor>
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>koha-test.lub.lu.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=koha-test.lub.lu.se</ds:X509SubjectName>
- <ds:X509Certificate>
- MIIEADCCAmigAwIBAgIJAKKU2yFGZvBIMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV
- BAMTE2tvaGEtdGVzdC5sdWIubHUuc2UwHhcNMTcxMjE0MTIwNDA1WhcNMjcxMjEy
- MTIwNDA1WjAeMRwwGgYDVQQDExNrb2hhLXRlc3QubHViLmx1LnNlMIIBojANBgkq
- hkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA2LR5sOYc+0nvVvMAt5NeKLN+r3yKaKP+
- 27SAtLsUk8X03Etlp4IGnbpoTHqCtVqmeiTyA5pNGawlj7XHvnNqlKl0x8kwrdAP
- UZwUSqKn8/H/3AeziZGwk++pprqDaeVHsOlvkC5ZjpTvg7PKJJ0CnBN0GfyimWoi
- IrFdW240sPo247kr0IvLG4qqGOFZOShYMgs4WycaP6mR+6qASXbwlHVpsOkj3riZ
- M5JhRFEvasKsUVIwkmxGQWqftAWN8llR10ZGneF2ZvVHw0hIX4Z2PGmMCIJjWXWF
- eS5PNcSbk91AwHM8po8Bt+pBSknJCWUyK6S5UFR4JHw3kgQcNUJ+Ob1oanb7UH/m
- J275Ro4c13Cs2dCc6DzCgvktik+p+cf26YjTqv9K3JZTC85/fMw8haqpwNjcvB0N
- 21MUq7dwWeStYCcnKqqmDB+Fq6BWYtg1eUT85+i3LmfXy6cSZXu+qBCvB+2Cz9mJ
- I1+07zl6mTMRyJrEER17DSpdq5BfdD7RAgMBAAGjQTA/MB4GA1UdEQQXMBWCE2tv
- aGEtdGVzdC5sdWIubHUuc2UwHQYDVR0OBBYEFK1B6aqJvPoSxw3sFqeDueycq7eH
- MA0GCSqGSIb3DQEBCwUAA4IBgQCnU5h+Lyd0DUVdn5bnzZ/UUVJ+qywSuXwFMuzC
- WKtoa9nxghljbzbmMiS/81ONsN7nctuKkPgiPOwRXzFNNYJYFhsaZ4C59V2KHlbB
- 2b2ZamvSNBk/YMqVew2Ibv4SvxNF0tpnWopjL7bh3YEpz9PWPBpMJR++XCzvhBst
- CzC1E6cqX7TaaNHruMcK2PV+Ptm7g4Z63/QA5D1/o/kXdYb+3vTFCK941tz2GKld
- 6XhE3R4Wt6OQeVHCimtppyg7xuld+RUSMJefnM0aIElVRR6HFzVdup2idc4Us3YW
- BaKYrzodOB8u8NAj3GfpjB+PMhjLO+C2kTJq8RO+/oW4XYgah/oBSqGPBcqUWjNM
- lcCGRdWc6zlkIIGKxzJSa4Z+GMqexr4YsPrKuAnIqkn+HrizS+X7y0IlaJRKu3WC
- mtKAsUj3Rq9fz4pu2PKm5ke/bVjX9NfQfYsISRifK4LD9bBAKZrs6ilTWAe5Nt12
- FxLd82ubDMPR0666ZqdkUF0vhlE=
- </ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
- </md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SLO/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://test-lubcat.lub.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- </md:SPSSODescriptor>
- <md:ContactPerson contactType="administrative">
- <md:GivenName>Stina</md:GivenName>
- <md:SurName>Hallin</md:SurName>
- <md:EmailAddress>mailto:stina.hallin@ub.lu.se</md:EmailAddress>
- </md:ContactPerson>
- <md:ContactPerson contactType="technical">
- <md:GivenName>Björn</md:GivenName>
- <md:SurName>Nylén</md:SurName>
- <md:EmailAddress>mailto:bjorn.nylen@ub.lu.se</md:EmailAddress>
- </md:ContactPerson>
- <md:ContactPerson contactType="support">
- <md:GivenName>Björn</md:GivenName>
- <md:SurName>Nylén</md:SurName>
- <md:EmailAddress>mailto:bjorn.nylen@ub.lu.se</md:EmailAddress>
- </md:ContactPerson>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/test.account.hj.se-adfs-services-trust.xml b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
index 31339bd2..2877954e 100644
--- a/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
+++ b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
@@ -12,643 +12,6 @@
</samla:Attribute>
</mdattr:EntityAttributes>
</Extensions>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>JU National civic registration number or code</auth:DisplayName>
- <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true">
- <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName>
- <auth:Description>SWAMID personnummer 12 tecken</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>JU givenName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>JU surName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true">
- <auth:DisplayName>JU Assurance-Certification</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true">
- <auth:DisplayName>JU orcid</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true">
- <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true">
- <auth:DisplayName>JU displayName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true">
- <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://test.account.hj.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
- <auth:DisplayName>JU National civic registration number or code</auth:DisplayName>
- <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true">
- <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName>
- <auth:Description>SWAMID personnummer 12 tecken</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
- <auth:DisplayName>JU givenName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
- <auth:DisplayName>JU surName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true">
- <auth:DisplayName>JU Assurance-Certification</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true">
- <auth:DisplayName>JU orcid</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true">
- <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true">
- <auth:DisplayName>JU displayName</auth:DisplayName>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true">
- <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://test.account.hj.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://test.account.hj.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">hj.se</shibmd:Scope>
diff --git a/swamid-2.0/test.scalable-learning.com.xml b/swamid-2.0/test.scalable-learning.com.xml
index b6e0195d..25d40679 100644
--- a/swamid-2.0/test.scalable-learning.com.xml
+++ b/swamid-2.0/test.scalable-learning.com.xml
@@ -27,25 +27,26 @@
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
- MIIDjjCCAnYCCQD6bDhuARPmYjANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMC
- U0UxEjAQBgNVBAgMCVNUT0NLSE9MTTESMBAGA1UEBwwJU1RPQ0tIT0xNMRowGAYD
- VQQKDBFTQ0FMQUJMRSBMRUFSTklORzEQMA4GA1UECwwHc2NhbGVhcjEjMCEGA1UE
- AwwadGVzdC5zY2FsYWJsZS1sZWFybmluZy5jb20wHhcNMTcwOTI3MDgzMTQyWhcN
- MTgwOTI3MDgzMTQyWjCBiDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVNUT0NLSE9M
- TTESMBAGA1UEBwwJU1RPQ0tIT0xNMRowGAYDVQQKDBFTQ0FMQUJMRSBMRUFSTklO
- RzEQMA4GA1UECwwHc2NhbGVhcjEjMCEGA1UEAwwadGVzdC5zY2FsYWJsZS1sZWFy
- bmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPYtv2obOV
- NRyVFwnXcl0pdqz8LHo/vkJGPHc8UHla8w+ceQQ7NZlmSeVOvXskStYwqh4HzAyk
- FmTb7hkCTP9yRnLrLTZUd6z2q0I0Skdo8A8r02mFfDPFin049/pqau9dlwbvLQyL
- IDcp2iqGeudpkikl7Gn7/zBkERCtwmiROAIs9B9m5VoAddLp/oVGnmErSPj0iVBu
- FB9kTiPoix5UFbTVGYhRFZiy6vFYfanBf9TucRpP8MicE3pLsYQ3IcIT9gcAtpyb
- Y/GhHejXuxzEJ9QOkO1vRsL93ddxlAtWzewtBE8kKZYMbIkq5TyceQ1aTTVgKHqZ
- /pu/6E8ChiIJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAArZpa7OBUjTOSp0aXWb
- q9AMWAahZ8MH6IrjVd+nY9/WFERMDSy8fSW8S8Zch6H8TZwAdqqTKjcfzuaGYNae
- 4uwkG0fHi6nlEEljfowmBNg1nY3rceIr8p2RbR/lZMklRwC/hHYvcBHNgnNqaviY
- BnO5qnr3Ov0IVCatIGz4tMSRCdfjSP5s+gSRf9Kuj6LyR+4wR/hQTsLAIr/brVYs
- 5DMCb/JBHOz262215XBMB/sWKKr4XiyZC1Idn/EYeA7AmIj4lyV1qePVDLod2ZSJ
- bx/F0bA8M0pIwZ3aRpz46PGKsrOMlcZrzR9F2Bz6KMWpaD/NPK4NxXroOtDpM0ej EV0=
+MIIDjjCCAnYCCQDfKJofoJ7XrzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMC
+U0UxEjAQBgNVBAgMCVNUT0NLSE9MTTESMBAGA1UEBwwJU1RPQ0tIT0xNMRowGAYD
+VQQKDBFTQ0FMQUJMRSBMRUFSTklORzEQMA4GA1UECwwHc2NhbGVhcjEjMCEGA1UE
+AwwadGVzdC5zY2FsYWJsZS1sZWFybmluZy5jb20wHhcNMTgwNjIwMDk1NTU0WhcN
+MjgwNjE3MDk1NTU0WjCBiDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVNUT0NLSE9M
+TTESMBAGA1UEBwwJU1RPQ0tIT0xNMRowGAYDVQQKDBFTQ0FMQUJMRSBMRUFSTklO
+RzEQMA4GA1UECwwHc2NhbGVhcjEjMCEGA1UEAwwadGVzdC5zY2FsYWJsZS1sZWFy
+bmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPYtv2obOV
+NRyVFwnXcl0pdqz8LHo/vkJGPHc8UHla8w+ceQQ7NZlmSeVOvXskStYwqh4HzAyk
+FmTb7hkCTP9yRnLrLTZUd6z2q0I0Skdo8A8r02mFfDPFin049/pqau9dlwbvLQyL
+IDcp2iqGeudpkikl7Gn7/zBkERCtwmiROAIs9B9m5VoAddLp/oVGnmErSPj0iVBu
+FB9kTiPoix5UFbTVGYhRFZiy6vFYfanBf9TucRpP8MicE3pLsYQ3IcIT9gcAtpyb
+Y/GhHejXuxzEJ9QOkO1vRsL93ddxlAtWzewtBE8kKZYMbIkq5TyceQ1aTTVgKHqZ
+/pu/6E8ChiIJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADsgavTeaBYlECOLO/k+
+QtRy+R92n4pICy6QGWV0aOhPX6yL2FGdQmwieM5SgO85EFbpuAhAhwOUpMwO5Uvj
+/aYx8wlRj2ucYZh+H7T3bcx/9wSasFGKJkI12gxcbULCC+nHZNGvzwPkXLTanFwI
+L2kfOgLGzY9b9GOAncizHV4r83H0GHo8pbgKLYBY9ssD9IyetT+FhoH6DFQwDL/1
+j1SV5ez/228XSJoGmLVTT5E/x48Q2ZNPTqvuUb1w7CgDE39KfHXi2t5x8AcwzOYZ
+YN8K5nluRz9hxbHa0Gq8gmredDMer3VIw7UdQxUIeYyTblls9UEfwt4gs2yM3Rac
+b4Y=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
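Review bot: The replacement certificate carries the same RSA public key as the one it removes: the base64 lines from `bmluZy5jb20wggEi…` through `/pu/6E8ChiIJAgMBAAEw` are identical on both sides, and only the serial, validity and signature differ. The encoded validity moves from 2017-09-27 – 2018-09-27 to 2018-06-20 – 2028-06-17, so this change extends the life of the existing key by about ten years rather than rolling it. If a key rollover was intended, the SP needs a fresh key pair, with the old and new certificates published side by side during the transition. If reuse is deliberate, the commit message should say so. The enclosing `KeyDescriptor` opens outside the hunk, so its `use` attribute is not visible here.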
diff --git a/swamid-2.0/testidpv3.lu.se-idp-shibboleth.xml b/swamid-2.0/testidpv3.lu.se-idp-shibboleth.xml
new file mode 100644
index 00000000..b3b3c092
--- /dev/null
+++ b/swamid-2.0/testidpv3.lu.se-idp-shibboleth.xml
@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://testidpv3.lu.se/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope regexp="false">lu.se</shibmd:Scope>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="sv">Lunds universitet (Test UWDEV)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Lund University (Test UWDEV)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Testidentitetstjänst för anställda och studenter vid Lunds universitet</mdui:Description>
+ <mdui:Description xml:lang="en">Test identity Provider for employees and students at Lund University</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">https://www.lu.se/</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">https://www.lunduniversity.lu.se/</mdui:InformationURL>
+ <mdui:Logo xml:lang="sv" height="78" width="450">https://testidpv3.lu.se/idp/images/LU_swe_logo_450px.jpg</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="78" width="382">https://testidpv3.lu.se/idp/images/LU_eng_logo_382px.jpg</mdui:Logo>
+ <mdui:Keywords xml:lang="sv">lu lth</mdui:Keywords>
+ <mdui:Keywords xml:lang="en">lu lth</mdui:Keywords>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidpv3.lu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testidpv3.lu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testidpv3.lu.se/idp/profile/SAML2/Redirect/SLO"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testidpv3.lu.se/idp/profile/SAML2/POST/SLO"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testidpv3.lu.se:8443/idp/profile/SAML2/SOAP/SLO"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://testidpv3.lu.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testidpv3.lu.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testidpv3.lu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">LU</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">Lunds universitet (Test UWDEV)</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">Lund University (Test UWDEV)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">https://www.lu.se/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Eskil</GivenName>
+ <SurName>Swahn</SurName>
+ <EmailAddress>mailto:eskil.swahn@ldc.lu.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Johan</GivenName>
+ <SurName>Silverup</SurName>
+ <EmailAddress>mailto:johan.silverup@ldc.lu.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <SurName>LU Servicedesk</SurName>
+ <EmailAddress>mailto:servicedesk@lu.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
+ <GivenName>IRT Lund University</GivenName>
+ <EmailAddress>mailto:abuse@lu.se</EmailAddress>
+ <TelephoneNumber>+46462229000</TelephoneNumber>
+ </ContactPerson>
+</EntityDescriptor>
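Review bot: `<shibmd:Scope regexp="false">lu.se</shibmd:Scope>` gives this test IdP (display name "Lund University (Test UWDEV)") the same attribute scope as the university's production domain. A service provider that checks scoped attributes only against the metadata scope will therefore accept `…@lu.se` values from test accounts as if they were production identities. If this file ends up in the same aggregate as the production IdP (the Makefile is not visible here), consider a dedicated scope, for example `<shibmd:Scope regexp="false">test.lu.se</shibmd:Scope>` (constructed value), or publishing the entity in a testing-only feed. The same applies to `bth.se` in `tsidp1.test.bth.se-idp-shibboleth.xml`, in both its IDPSSODescriptor and AttributeAuthorityDescriptor. Separately, the entity advertises `urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0` and a `Shibboleth/SSO` endpoint; drop these unless a relying party still needs the legacy profile.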
diff --git a/swamid-2.0/tsidp1.test.bth.se-idp-shibboleth.xml b/swamid-2.0/tsidp1.test.bth.se-idp-shibboleth.xml
new file mode 100644
index 00000000..dc128e52
--- /dev/null
+++ b/swamid-2.0/tsidp1.test.bth.se-idp-shibboleth.xml
@@ -0,0 +1,234 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://tsidp1.test.bth.se/idp/shibboleth">
+ <Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+ </samla:Attribute>
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns="" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope regexp="false">bth.se</shibmd:Scope>
+ <mdui:UIInfo>
+ <mdui:DisplayName xml:lang="sv">Blekinge Tekniska Högskola (MFA-TEST)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Blekinge Institute of Technology (MFA-TEST)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Identity Provider för Blekinge Tekniska Högskola</mdui:Description>
+ <mdui:Description xml:lang="en">Identity Provider for Blekinge Institute of Technology</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://www.bth.se</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://www.bth.se/eng</mdui:InformationURL>
+ <mdui:Keywords xml:lang="sv">BTH Blekinge+Tekniska+Högskola Blekinge+Institute+of+Technology</mdui:Keywords>
+ <mdui:Keywords xml:lang="en">BTH Blekinge+Tekniska+Högskola Blekinge+Institute+of+Technology</mdui:Keywords>
+ <mdui:Logo height="139" width="114">https://idp2.bth.se/idp/images/logo_bth.png</mdui:Logo>
+ </mdui:UIInfo>
+ <mdui:DiscoHints>
+ <mdui:DomainHint>bth.se</mdui:DomainHint>
+ <mdui:IPHint>193.11.184.0/21</mdui:IPHint>
+ <mdui:IPHint>194.47.128.0/19</mdui:IPHint>
+ <mdui:IPHint>2001:6b0:2a::/48</mdui:IPHint>
+ <mdui:GeolocationHint>geo:56.181775,15.590592</mdui:GeolocationHint>
+ </mdui:DiscoHints>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tsidp1.test.bth.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tsidp1.test.bth.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://tsidp1.test.bth.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tsidp1.test.bth.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tsidp1.test.bth.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">bth.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDNDCCAhygAwIBAgIVAMCjk4hwZmk9nF0zuV584r5x06YnMA0GCSqGSIb3DQEB
+CwUAMB0xGzAZBgNVBAMMEnRzaWRwMS50ZXN0LmJ0aC5zZTAeFw0xODA2MjkwNjQw
+MTBaFw0zODA2MjkwNjQwMTBaMB0xGzAZBgNVBAMMEnRzaWRwMS50ZXN0LmJ0aC5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAInOwXVLwv6hAnRAOQDI
+tdb9IlM/H+6xQ3eK0LOuWIda3Y0OiTpmv9BjD8jX9DL3vpSpv66bv7ifA9MKrreW
+VFQNZeG0xeqtsoabiITA1Od0en7+ck1hooRSoRo+CUQLUFgaaUBbR0RZGHk4SvoB
+VStHnYN19yLNL+RsrjeP3oSZcPr+jj55gOdQGxhEOy6Wcovt8RbDahNhg1DWpXyS
+/SENPP/WaYOF56Gb9Jpp7KUOUzGzBXFJTU2E8RVo4guwnBpX3yazbiivdnFpXNYb
+YwUByFoR9sEJLXdzUlVHMDDyKbWDS6Auu5MHZuL+bnKmBWG/hdcTlhq2yLqIQ8eN
+rbUCAwEAAaNrMGkwHQYDVR0OBBYEFMZH7tXKMYc372JP87HK33LmHu7FMEgGA1Ud
+EQRBMD+CEnRzaWRwMS50ZXN0LmJ0aC5zZYYpaHR0cHM6Ly90c2lkcDEudGVzdC5i
+dGguc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQADggEBAHdnZz8ynbnd
+3njvoTMbnP+XF+54xbc0ub+agBPgvRJLw/P0ZInpMsRHr8tc8Moqge3OR4fXPoD8
+oQ9oyHQ4XZUNrNX1xZoyA2VTfiHE4LqdqHTxGFyH16DULFPQJikzqzjv8XbMrZUx
+NMVEBzWV5C1ABy5j/tRlKHou8PV7Q5ENqP/jGU0bmuReuU3wd1h1FhEvVx4rkkRO
+wwC7smIOjZq3ObHtcwDfv5oEdCOMW6xrWtg+R8VNM9Sm3WYFB3GbZiTCKVwkXudZ
+kFPwyMVFaFDMzFZ9P2PgZEoF7X5dYttC5cKU1J/rSLXUWn373al6guxkl1YCZ4SA
+amiWSFUkXv0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>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+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tsidp1.test.bth.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">BTH</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">Blekinge Tekniska Högskola (MFA-TEST)</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">Blekinge Institute of Technology (MFA-TEST)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.bth.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <Company>Blekinge Institute of Technology</Company>
+ <SurName>IT Helpdesk</SurName>
+ <EmailAddress>mailto:ithelpdesk@bth.se</EmailAddress>
+ <TelephoneNumber>+46 455 38 51 00</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <Company>Blekinge Institute of Technology</Company>
+ <SurName>IT Helpdesk</SurName>
+ <EmailAddress>mailto:ithelpdesk@bth.se</EmailAddress>
+ <TelephoneNumber>+46 455 38 51 00</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <Company>Blekinge Institute of Technology</Company>
+ <SurName>IT Helpdesk</SurName>
+ <EmailAddress>mailto:ithelpdesk@bth.se</EmailAddress>
+ <TelephoneNumber>+46 455 381500</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
+ <GivenName>Security Response Team</GivenName>
+ <EmailAddress>mailto:abuse@bth.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
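Review bot: The entity-level `assurance-certification` attribute asserts `https://refeds.org/sirtfi` for an instance whose display name is marked "(MFA-TEST)", and relying parties that filter on Sirtfi will treat it like a production IdP. Confirm that the test host is covered by the same incident-response procedures as production, or leave the `saml:Attribute` block out until it is. The `mdui:Logo` is also fetched from `https://idp2.bth.se/…`, a different host from the entity. Both `mdui:InformationURL` values and `OrganizationURL` use plain `http://`; `https://` would be preferable if the site serves it.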
diff --git a/swamid-2.0/us.cloudmore.com-shibboleth.xml b/swamid-2.0/us.cloudmore.com-shibboleth.xml
index 4cce3d13..48a1d5b2 100644
--- a/swamid-2.0/us.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/us.cloudmore.com-shibboleth.xml
@@ -30,7 +30,7 @@
<mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
<mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="300" width="300">https://us.cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/hubfs/terms/Cloudmore%20Privacy%20Policy%20v2017-04.pdf</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">http://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>
</mdui:UIInfo>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://us.cloudmore.com/Shibboleth.sso/Login"/>
</md:Extensions>
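Review bot: The new `mdui:PrivacyStatementURL` moves from `https://` to `http://` on the same host, so the link that discovery and consent pages show to users is now fetched without transport protection and can be altered in transit. The removed URL shows that `web.cloudmore.com` serves TLS, so the new line could read `<mdui:PrivacyStatementURL xml:lang="en">https://web.cloudmore.com/privacy/cloudmore-data-processing-terms</mdui:PrivacyStatementURL>`, provided that path resolves over https. The `mdui:InformationURL` context line above it is also `http://` and could be updated in the same pass.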
diff --git a/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml b/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
index 08a51405..2e9cf327 100644
--- a/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
+++ b/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
@@ -208,9 +208,11 @@ cHgs7D1QiqGixbmFlSZyPcCPcIzPDzRaoXyb+yKQy31QP/VEt8VGXH5H2A==
</AttributeAuthorityDescriptor>
<Organization>
<OrganizationName xml:lang="en">KAU</OrganizationName>
+ <OrganizationName xml:lang="sv">KAU</OrganizationName>
<OrganizationDisplayName xml:lang="sv">Karlstads universitet</OrganizationDisplayName>
<OrganizationDisplayName xml:lang="en">Karlstad University</OrganizationDisplayName>
- <OrganizationURL xml:lang="en">http://www.kau.se</OrganizationURL>
+ <OrganizationURL xml:lang="en">http://www.kau.se/en</OrganizationURL>
+ <OrganizationURL xml:lang="sv">http://www.kau.se</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
<Company>Karlstad University</Company>
diff --git a/swamid-2.0/webproxysrv.uniarts.se-adfs-services-trust.xml b/swamid-2.0/webproxysrv.uniarts.se-adfs-services-trust.xml
index c8b4940f..26190888 100644
--- a/swamid-2.0/webproxysrv.uniarts.se-adfs-services-trust.xml
+++ b/swamid-2.0/webproxysrv.uniarts.se-adfs-services-trust.xml
@@ -1,631 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://webproxysrv.uniarts.se/adfs/services/trust">
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="SKH Federation Services">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" Optional="true">
- <auth:DisplayName>eduPersonScopedAffiliation</auth:DisplayName>
- <auth:Description>Claim för SWAMID 2015-11-18 //LL</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid" Optional="true">
- <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
- <auth:Description>Inlagt 2016-03-22 av LL efter tips från Tomas Legat, Södertörn</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesRequested>
- <fed:TargetScopes>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/ls/</Address>
- </EndpointReference>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>http://webproxysrv.uniarts.se/adfs/services/trust</Address>
- </EndpointReference>
- </fed:TargetScopes>
- <fed:ApplicationServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
- </EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="SKH Federation Services">
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
- </fed:TokenTypesOffered>
- <fed:ClaimTypesOffered>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
- <auth:DisplayName>E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
- <auth:DisplayName>Given Name</auth:DisplayName>
- <auth:Description>The given name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
- <auth:DisplayName>Name</auth:DisplayName>
- <auth:Description>The unique name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
- <auth:DisplayName>UPN</auth:DisplayName>
- <auth:Description>The user principal name (UPN) of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
- <auth:DisplayName>Common Name</auth:DisplayName>
- <auth:Description>The common name of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
- <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
- <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
- <auth:DisplayName>Group</auth:DisplayName>
- <auth:Description>A group that the user is a member of</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
- <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
- <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
- <auth:DisplayName>Role</auth:DisplayName>
- <auth:Description>A role that the user has</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
- <auth:DisplayName>Surname</auth:DisplayName>
- <auth:Description>The surname of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
- <auth:DisplayName>PPID</auth:DisplayName>
- <auth:Description>The private identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
- <auth:DisplayName>Name ID</auth:DisplayName>
- <auth:Description>The SAML name identifier of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
- <auth:DisplayName>Authentication time stamp</auth:DisplayName>
- <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
- <auth:DisplayName>Authentication method</auth:DisplayName>
- <auth:Description>The method used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
- <auth:DisplayName>Deny only group SID</auth:DisplayName>
- <auth:Description>The deny-only group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
- <auth:DisplayName>Deny only primary SID</auth:DisplayName>
- <auth:Description>The deny-only primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
- <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
- <auth:Description>The deny-only primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
- <auth:DisplayName>Group SID</auth:DisplayName>
- <auth:Description>The group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
- <auth:DisplayName>Primary group SID</auth:DisplayName>
- <auth:Description>The primary group SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
- <auth:DisplayName>Primary SID</auth:DisplayName>
- <auth:Description>The primary SID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
- <auth:DisplayName>Windows account name</auth:DisplayName>
- <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
- <auth:DisplayName>Is Registered User</auth:DisplayName>
- <auth:Description>User is registered to use this device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
- <auth:DisplayName>Device Identifier</auth:DisplayName>
- <auth:Description>Identifier of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
- <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
- <auth:Description>Identifier for Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
- <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
- <auth:Description>Display name of Device Registration</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
- <auth:DisplayName>Device OS type</auth:DisplayName>
- <auth:Description>OS type of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
- <auth:DisplayName>Device OS Version</auth:DisplayName>
- <auth:Description>OS version of the device</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
- <auth:DisplayName>Is Managed Device</auth:DisplayName>
- <auth:Description>Device is managed by a management service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
- <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
- <auth:Description>IP address of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
- <auth:DisplayName>Client Application</auth:DisplayName>
- <auth:Description>Type of the Client Application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
- <auth:DisplayName>Client User Agent</auth:DisplayName>
- <auth:Description>Device type the client is using to access the application</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
- <auth:DisplayName>Client IP</auth:DisplayName>
- <auth:Description>IP address of the client</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
- <auth:DisplayName>Endpoint Path</auth:DisplayName>
- <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
- <auth:DisplayName>Proxy</auth:DisplayName>
- <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
- <auth:DisplayName>Application Identifier</auth:DisplayName>
- <auth:Description>Identifier for the Relying Party</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
- <auth:DisplayName>Application policies</auth:DisplayName>
- <auth:Description>Application policies of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
- <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
- <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
- <auth:DisplayName>Basic Constraint</auth:DisplayName>
- <auth:Description>One of the basic constraints of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
- <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
- <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
- <auth:DisplayName>Issuer</auth:DisplayName>
- <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
- <auth:DisplayName>Issuer Name</auth:DisplayName>
- <auth:Description>The distinguished name of the certificate issuer</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
- <auth:DisplayName>Key Usage</auth:DisplayName>
- <auth:Description>One of the key usages of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
- <auth:DisplayName>Not After</auth:DisplayName>
- <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
- <auth:DisplayName>Not Before</auth:DisplayName>
- <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
- <auth:DisplayName>Certificate Policies</auth:DisplayName>
- <auth:Description>The policies under which the certificate has been issued</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
- <auth:DisplayName>Public Key</auth:DisplayName>
- <auth:Description>Public Key of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
- <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
- <auth:Description>The raw data of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
- <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
- <auth:Description>One of the alternative names of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
- <auth:DisplayName>Serial Number</auth:DisplayName>
- <auth:Description>The serial number of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
- <auth:DisplayName>Signature Algorithm</auth:DisplayName>
- <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
- <auth:DisplayName>Subject</auth:DisplayName>
- <auth:Description>The subject from the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
- <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
- <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
- <auth:DisplayName>Subject Name</auth:DisplayName>
- <auth:Description>The subject distinguished name from a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
- <auth:DisplayName>V2 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
- <auth:DisplayName>V1 Template Name</auth:DisplayName>
- <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
- <auth:DisplayName>Thumbprint</auth:DisplayName>
- <auth:Description>Thumbprint of the certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
- <auth:DisplayName>X.509 Version</auth:DisplayName>
- <auth:Description>The X.509 format version of a certificate</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
- <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
- <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
- <auth:DisplayName>Password Expiration Time</auth:DisplayName>
- <auth:Description>Used to display the time when the password expires</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
- <auth:DisplayName>Password Expiration Days</auth:DisplayName>
- <auth:Description>Used to display the number of days to password expiry</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
- <auth:DisplayName>Update Password URL</auth:DisplayName>
- <auth:Description>Used to display the web address of update password service</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
- <auth:DisplayName>Authentication Methods References</auth:DisplayName>
- <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
- <auth:DisplayName>Client Request ID</auth:DisplayName>
- <auth:Description>Identifier for a user session</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
- <auth:DisplayName>Alternate Login ID</auth:DisplayName>
- <auth:Description>Alternate login ID of the user</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" Optional="true">
- <auth:DisplayName>eduPersonScopedAffiliation</auth:DisplayName>
- <auth:Description>Claim för SWAMID 2015-11-18 //LL</auth:Description>
- </auth:ClaimType>
- <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid" Optional="true">
- <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
- <auth:Description>Inlagt 2016-03-22 av LL efter tips från Tomas Legat, Södertörn</auth:Description>
- </auth:ClaimType>
- </fed:ClaimTypesOffered>
- <fed:SecurityTokenServiceEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/services/trust/2005/certificatemixed</Address>
- <Metadata>
- <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
- <wsx:MetadataReference>
- <Address xmlns="http://www.w3.org/2005/08/addressing">https://webproxysrv.uniarts.se/adfs/services/trust/mex</Address>
- </wsx:MetadataReference>
- </wsx:MetadataSection>
- </Metadata>
- </Metadata>
- </EndpointReference>
- </fed:SecurityTokenServiceEndpoint>
- <fed:PassiveRequestorEndpoint>
- <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
- <Address>https://webproxysrv.uniarts.se/adfs/ls/</Address>
- </EndpointReference>
- </fed:PassiveRequestorEndpoint>
- </RoleDescriptor>
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>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</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webproxysrv.uniarts.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webproxysrv.uniarts.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webproxysrv.uniarts.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webproxysrv.uniarts.se/adfs/ls/" index="1"/>
- </SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope xmlns="" regexp="false">uniarts.se</shibmd:Scope>
@@ -660,72 +34,6 @@
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webproxysrv.uniarts.se/adfs/ls/"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webproxysrv.uniarts.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="sv">Stockholms konstnärliga högskola</OrganizationName>
diff --git a/swamid-2.0/www.itslearning.com-integrations-samlmetadata-saml2v2-extensions-1.xml b/swamid-2.0/www.itslearning.com-integrations-samlmetadata-saml2v2-extensions-1.xml
new file mode 100644
index 00000000..17aadd9d
--- /dev/null
+++ b/swamid-2.0/www.itslearning.com-integrations-samlmetadata-saml2v2-extensions-1.xml
@@ -0,0 +1,134 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://www.itslearning.com/integrations/samlmetadata/saml2v2/extensions/1">
+ <Extensions>
+ <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/eu-adequate-protection</samla:AttributeValue>
+ </samla:Attribute>
+ </attr:EntityAttributes>
+ </Extensions>
+ <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">itslearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">itslearning</mdui:DisplayName>
+ <mdui:Description xml:lang="en">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+ <mdui:Description xml:lang="sv">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIHlTCCBn2gAwIBAgIQP+NA0KNpKn1K1cqIg6opAjANBgkqhkiG9w0BAQsFADCB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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIHlTCCBn2gAwIBAgIQP+NA0KNpKn1K1cqIg6opAjANBgkqhkiG9w0BAQsFADCB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</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.itslearning.com/elogin/SingleLogoutHandler.aspx"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.itslearning.com/eLogin/AssertionConsumerService.aspx"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">itslearning</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">itslearning</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://itslearning.com</OrganizationURL>
+ </Organization>
+ <ContactPerson xml:lang="en" contactType="technical">
+ <EmailAddress>support@itslearning.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson xml:lang="en" contactType="support">
+ <EmailAddress>support@itslearning.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
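Review bot: The encryption KeyDescriptor of this new entity advertises only `http://www.w3.org/2001/04/xmlenc#aes128-cbc`, so IdPs that honour the metadata will encrypt assertions in CBC mode, which gives the ciphertext no integrity protection. If the SP supports an authenticated mode, list it first, e.g. `<EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>` ahead of the CBC entry. The SPSSODescriptor also sets `WantAssertionsSigned="false"`, so the SP depends on the response-level signature over HTTP-POST; confirm with the operator that unsigned responses are rejected, or set it to `true`. The signing and encryption descriptors appear to carry the same certificate (the visible prefix is identical and the rest is elided on this page), which is permitted but ties both uses to one key.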
diff --git a/swamid-2.0/www.mediafora.net-simplesaml-module.php-saml-sp-metadata.php-media-network-sp.xml b/swamid-2.0/www.mediafora.net-simplesaml-module.php-saml-sp-metadata.php-media-network-sp.xml
index 31b13c35..ef7edd32 100644
--- a/swamid-2.0/www.mediafora.net-simplesaml-module.php-saml-sp-metadata.php-media-network-sp.xml
+++ b/swamid-2.0/www.mediafora.net-simplesaml-module.php-saml-sp-metadata.php-media-network-sp.xml
@@ -48,6 +48,11 @@
<md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Danish e-Infrastructure Cooperation</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Danish e-Infrastructure Cooperation (DeIC)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://www.deic.dk</md:OrganizationURL>
+ </md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>Administrator</md:GivenName>
<md:EmailAddress>mailto:netdrift@deic.dk</md:EmailAddress>
diff --git a/swamid-2.0/www.scalable-learning.com.xml b/swamid-2.0/www.scalable-learning.com.xml
index f84682bf..41be2b69 100644
--- a/swamid-2.0/www.scalable-learning.com.xml
+++ b/swamid-2.0/www.scalable-learning.com.xml
@@ -27,25 +27,25 @@
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
- MIIDjDCCAnQCCQDC601Yku4SKjANBgkqhkiG9w0BAQsFADCBhzELMAkGA1UEBhMC
- U0UxEjAQBgNVBAgMCVNUT0NLSE9MTTESMBAGA1UEBwwJU1RPQ0tIT0xNMRowGAYD
- VQQKDBFTQ0FMQUJMRSBMRUFSTklORzEQMA4GA1UECwwHc2NhbGVhcjEiMCAGA1UE
- AwwZd3d3LnNjYWxhYmxlLWxlYXJuaW5nLmNvbTAeFw0xNzA5MjcwODI0MjVaFw0x
- ODA5MjcwODI0MjVaMIGHMQswCQYDVQQGEwJTRTESMBAGA1UECAwJU1RPQ0tIT0xN
- MRIwEAYDVQQHDAlTVE9DS0hPTE0xGjAYBgNVBAoMEVNDQUxBQkxFIExFQVJOSU5H
- MRAwDgYDVQQLDAdzY2FsZWFyMSIwIAYDVQQDDBl3d3cuc2NhbGFibGUtbGVhcm5p
- bmcuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut3wWgrigP2C
- L8zUlER/YfTtQCvExXxCBRLtP9pxHb4q3a+PkJvy+xUD4TZhtLu5rdMqXvSfrCCC
- K6FO+MoLmVu7BzANl2RW37FUtkc2oyDD79hVwyZkcb3VSbYe3v4E5wwyEr40EZuY
- VK8VvGXZWCj1jw3wWfqU8Y683luDvRq7B7dlRDkzV5NfuOhk0Ghq3WoqPX//1+TE
- hWrFXJw/t/KVIatePcOFUj2q8+fvAfVgJ/RS7NKCqbmcm7dYR38QptWXpK22FDEh
- 9QNFFXLahLK/g52rMdonlL646TgXfHcYdK3h9uHkh0d2cTaNFUisho/RQ706GwOV
- rrmfMjKXrQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQApgL+f6XwcQ13PWxKJemFK
- QqIZQbsADqK+KOlpOWFO8aNbvDd5WsFgvQEbKwbPeGIfp7Nb0/5gtabWBwOs0dA3
- 3llHJeGzWH5NMr0R/2+N8z2XY50Z8a5w38vSvgHwFgJh1HEsFhx5zFOsHjSYI3PD
- +vyDMuhCPe1UhoTeffBmmH97Oe1DBVlzDwTD9ZdcAaiGB9XbaLP6gDFuBjU/GBd3
- Ngbl+ZAuTcGpNzUYfuNC9MXHcn3/SKyl5NnL4wEe1j9sL0JnDYwvSTlnovqOVHY4
- nCMfHlNippwYPVOHUqOxAnKoInWIxsKiyQkFsjG/sbIwCc7rTwpdn9jtTAnvZkPn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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
diff --git a/swamid-idp-2.0.mxml b/swamid-idp-2.0.mxml
index ccc9add9..0c1d77d8 100644
--- a/swamid-idp-2.0.mxml
+++ b/swamid-idp-2.0.mxml
@@ -7,9 +7,9 @@
<!-- Opt-out from eduGAIN IDP:s -->
<xi:include href="swamid-2.0/shibboleth.uhr.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.qa.lnu.se-idp-shibboleth.xml"/>
- <xi:include href="swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml"/>
<xi:include href="swamid-2.0/idp.antagning.se-aws-idp.xml"/>
<xi:include href="swamid-2.0/adfs2.gu.se-adfs-services-trust.xml"/>
<xi:include href="swamid-2.0/weblogin.smhi.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp.umu.se-saml2-idp-metadata.php.xml"/>
+ <xi:include href="swamid-2.0/siths-idp.sunet.se-saml2-idp-metadata.php.xml"/>
</md:EntitiesDescriptor>
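Review bot: The added `siths-idp.sunet.se-saml2-idp-metadata.php.xml` include sits under the only section comment visible in this hunk, `<!-- Opt-out from eduGAIN IDP:s -->`, and nothing records why the entity belongs there. The same include is removed from swamid-testing-idp-1.0.mxml later in this commit, so this looks like a promotion from the testing aggregate to production. If the eduGAIN opt-out is intended, a short comment beside the include would make that reviewable, for example `<!-- siths-idp.sunet.se: promoted from testing; eduGAIN opt-out intended -->`.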
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 68ca4f80..cce14ad2 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -626,7 +626,6 @@
<xi:include href="swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml"/>
<xi:include href="swamid-2.0/redcap.ki.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/redcap.tst.ki.se-shibboleth.xml"/>
- <xi:include href="swamid-2.0/itslearning.com.xml"/>
<xi:include href="swamid-2.0/test.itslearning.com.xml"/>
<xi:include href="swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml"/>
<xi:include href="swamid-2.0/diskus-demo.ub.uu.se-saml-metadata.xml"/>
@@ -659,7 +658,6 @@
<xi:include href="swamid-2.0/administrationsverktyg.umu.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/administrationsverktyg.test.umu.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/nfg.su.se-shibboleth.sso.xml"/>
- <xi:include href="swamid-2.0/test-lubcat.lub.lu.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/studium.uu.se-studium.xml"/>
<xi:include href="swamid-2.0/valda.uhr.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/sunet.my.salesforce.com.xml"/>
@@ -708,4 +706,20 @@
<xi:include href="swamid-2.0/luplay.education.lu.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/play.kth.se-external-kaltura.nordu.net.xml"/>
<xi:include href="swamid-2.0/hvplay.hv.se.xml"/>
+ <xi:include href="swamid-2.0/swamid-2.grandid.com-module.php-saml-sp-metadata.php-gu-swamid-draftit.xml"/>
+ <xi:include href="swamid-2.0/play.mau.se.xml"/>
+ <xi:include href="swamid-2.0/kauplay.kau.se.xml"/>
+ <xi:include href="swamid-2.0/play.ju.se.xml"/>
+ <xi:include href="swamid-2.0/indico.test.uu.se-shibboleth.xml"/>
+ <xi:include href="swamid-2.0/ra.se-leg.se-shibboleth.xml"/>
+ <xi:include href="swamid-2.0/hkrplay.hkr.se.xml"/>
+ <xi:include href="swamid-2.0/app.sh.se.xml"/>
+ <xi:include href="swamid-2.0/lubcat.lub.lu.se-shibboleth.xml"/>
+ <xi:include href="swamid-2.0/play.shh.se.xml"/>
+ <xi:include href="swamid-2.0/www.itslearning.com-integrations-samlmetadata-saml2v2-extensions-1.xml"/>
+ <xi:include href="swamid-2.0/337-mediaspace.kaltura.nordu.net.xml"/>
+ <xi:include href="swamid-2.0/medlem.lintek.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml"/>
+ <xi:include href="swamid-2.0/medlem.stuff.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml"/>
+ <xi:include href="swamid-2.0/medlem.consensus.liu.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml"/>
+ <xi:include href="swamid-2.0/medlem.gotastudentkar.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml"/>
</md:EntitiesDescriptor>
diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml
index e6873af5..a950b1c7 100644
--- a/swamid-testing-idp-1.0.mxml
+++ b/swamid-testing-idp-1.0.mxml
@@ -18,15 +18,12 @@
<xi:include href="swamid-2.0/idp-test.nordu.net-simplesaml-saml2-idp-metadata.php.xml"/>
<xi:include href="swamid-2.0/idp2-test.slu.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idp2.test.umu.se-saml2-idp-metadata.php.xml"/>
- <xi:include href="swamid-2.0/idp-fre-1.eduid.se-idp.xml"/>
<xi:include href="swamid-2.0/selfservice.test.hb.se-shibboleth.xml"/>
<xi:include href="swamid-2.0/ladok3.its.umu.se-user-idp.xml"/>
<xi:include href="swamid-2.0/idp.esh.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/kitstidp01.tst.ki.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/swamid2.shh.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/shibboleth.umu.se-test.xml"/>
- <xi:include href="swamid-2.0/pilot.idp.eduid.se-idp.xml"/>
- <xi:include href="swamid-2.0/pilot.idp.eduid.se-idp.xml"/>
<xi:include href="swamid-2.0/idp-test.suni.se-adfs-services-trust.xml"/>
<xi:include href="swamid-2.0/demo.weblogin.uu.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/idpsimplesaml.irf.se-simplesaml-saml2-idp-metadata.php.xml"/>
@@ -55,7 +52,10 @@
<xi:include href="swamid-2.0/idp.hv.se-idp-shibboleth.xml"/>
<xi:include href="swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml"/>
<xi:include href="swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml"/>
- <xi:include href="swamid-2.0/siths-idp.sunet.se-saml2-idp-metadata.php.xml"/>
<xi:include href="swamid-2.0/login1.fhs.se-adfs-services-trust.xml"/>
<xi:include href="swamid-2.0/idp.dev.eduid.se-idp.xml.xml"/>
+ <xi:include href="swamid-2.0/testidpv3.lu.se-idp-shibboleth.xml"/>
+ <xi:include href="swamid-2.0/idp-test.it.su.se.xml"/>
+ <xi:include href="swamid-2.0/adfs.test.umu.se-adfs-services-trust.xml"/>
+ <xi:include href="swamid-2.0/tsidp1.test.bth.se-idp-shibboleth.xml"/>
</EntitiesDescriptor>
diff --git a/swamid-testing-sp-1.0.mxml b/swamid-testing-sp-1.0.mxml
index 0ddef7fe..d3a9091c 100644
--- a/swamid-testing-sp-1.0.mxml
+++ b/swamid-testing-sp-1.0.mxml
@@ -46,5 +46,4 @@
<xi:include href="swamid-2.0/sp.haikom.com-saml-kph-test.xml"/>
<xi:include href="swamid-2.0/s2s.ifmsa.se-saml2-proxy_saml2_backend.xml"/>
<xi:include href="swamid-2.0/uppsala-test.blackboard.com-lms.xml"/>
- <xi:include href="swamid-2.0/ra.se-leg.se-shibboleth.xml"/>
</EntitiesDescriptor>