author | Leif Johansson <leifj@sunet.se> | 2016-02-16 14:09:06 +0100 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2016-02-16 14:09:06 +0100 |
commit | 60c5d42910991b2bac91a1768de0a96d34bcb3d1 (patch) | |
tree | 3977164e46a581c8926087ab9b5422a4216028c0 | |
parent | 4b45d25af2ddd80e209eaf2f130469135aff8d8e (diff) | |
parent | 0e02e38ae4dc9e44b0b32cf1082f1f5211d57047 (diff) |
Merge branch 'master' of md-master.swamid.se:swamid-metadata
-rw-r--r-- | swamid-2.0/luvit.education.lu.se-shibboleth.xml | 92 | ||||
-rw-r--r-- | swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml | 49 | ||||
-rw-r--r-- | swamid-sp-2.0.mxml | 1 |
3 files changed, 140 insertions, 2 deletions
diff --git a/swamid-2.0/luvit.education.lu.se-shibboleth.xml b/swamid-2.0/luvit.education.lu.se-shibboleth.xml
new file mode 100644
index 00000000..36cb1904
--- /dev/null
+++ b/swamid-2.0/luvit.education.lu.se-shibboleth.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://luvit.education.lu.se/shibboleth">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://luvit.education.lu.se/Shibboleth.sso/Login-lu"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://luvit.education.lu.se/Shibboleth.sso/Login-swamid" index="1"/>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Lunds universitet LUVIT</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Lund University LUVIT</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Miljön är utformad för såväl kursdeltagare som utbildare och administratörer för att kunna skapa, hantera, få tillgång till, administrera och deltaga i nätbaserade kurser eller nätbaserade aktiviteter i blandade kurser.</mdui:Description>
+ <mdui:Description xml:lang="en">The environment is created for course participants as well as for educators and administrators in order to create, manage, overview, obtain, administrate and participate in online courses or in online course activities in mixed courses.</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>uwap122.uw.lu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=uwap122.uw.lu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJALDUiCW01jNBMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHV3YXAxMjIudXcubHUuc2UwHhcNMTUwNjEyMDU1ODQ5WhcNMjUwNjA5MDU1
+ODQ5WjAbMRkwFwYDVQQDExB1d2FwMTIyLnV3Lmx1LnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAyIAAztvo5p1DLnAblJ7n2PVyA+zPuriChIeyguRF
+zHXXqWET0CrWeAmIHVS22WYT7cbVlnS0Y+82NOf0tJOaFO5EmTseozQzGHL5Dc4F
+dHFO92oo2YOLimXuuuTS8gCaTcbsFrKoLBcQHXCu8lHyMWE/zoRZJkqxRJCg0Mmu
+55jUaxUG5FSdw0kS5Td1GRALUEBzzvsS+LlLJEM7gK3cHs23qwng7mqiK2d/oSAR
+xzwHeaQqGFEBCKl3S4PHGweV8BdJVOeJzKSC7L7ND3BGWUqXq1j2XA2otRU2MZIc
+iHG0++I4ERw621OfYHduEqK7x9IcQVQWreCNEsTN3qkhFQIDAQABoz4wPDAbBgNV
+HREEFDASghB1d2FwMTIyLnV3Lmx1LnNlMB0GA1UdDgQWBBTuH02zf7l0oxRIzwqK
+RRDjwhC2ojANBgkqhkiG9w0BAQUFAAOCAQEAgiBlVk4LQDwbQ5skBi3tKk7FXK96
+yLiDgA4gR9XqD0Hq/l29Qzhya5mv3FBC9sgtV3ZJC9oH8H/jm4UuURg6iqKL7vmr
+wEGqG95E9xL2p6Jkcpi0CdjyUvkPcULlAKu/IRfRs/E1j/KtzacYEeQ3cDYD1d9F
+XvFIh3QzDURHqWL+ELZXMDSJYfjQe+7jP2w+Vu/TbF39otuREtJmYwcLOBxRvJYk
+6x3/BMwjSRXpDBttsVAClDS+Wm0A5jr5eCg7OoWNzdze74zGQpP4U7tWKZHT5bA4
+OTMXxdAawBca6aO1CpUMAwipgLVKJyNkmxV7+aPSdkp/U466LROEWhraZg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Sidika Basic</md:GivenName>
+ <md:EmailAddress>sidika.basic@ced.lu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml b/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml
index fbdc407e..1022aeef 100644
--- a/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml
+++ b/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml
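Review bot: Every endpoint `Location` in the new SPSSODescriptor is registered as `http://luvit.education.lu.se/Shibboleth.sso/...` although the entityID is `https://`, so an IdP that follows this metadata would deliver its responses to the AssertionConsumerService URLs (indexes 1, 3, 4, 5 and 6) over cleartext HTTP. Assertions can be encrypted to the published key, but the exchange itself, and presumably the SP session that results from it, would still cross the network unprotected. I would hold the registration until the SP answers on TLS and the endpoints read e.g. `Location="https://luvit.education.lu.se/Shibboleth.sso/SAML2/POST"`, with the same change on the SLO, NIM, Artifact, RequestInitiator and DiscoveryResponse locations. The SAML 1.0/1.1 entries in `protocolSupportEnumeration` and the `xmldsig#sha1` / `tripledes-cbc` algorithm entries look like unedited SP defaults (inferred) and could be dropped if nothing relies on them.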
@@ -1,4 +1,28 @@
-<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://rkh.adfs-proxy-test.swamid.se/Saml2IDP/proxy.xml"><ns0:Extensions><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><ns1:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><ns1:SigningMethod Algorithm="http,//www.w3.org/2000/09/xmldsig#dsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><ns1:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></ns0:Extensions><ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor use="signing"><ns2:KeyInfo><ns2:X509Data><ns2:X509Certificate>MIIEBjCCAu6gAwIBAgIJANwxpCjfD5fLMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNV
+<?xml version="1.0" encoding="UTF-8"?>
+<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://rkh.adfs-proxy-test.swamid.se/Saml2IDP/proxy.xml">
+ <ns0:Extensions>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <ns1:SigningMethod Algorithm="http,//www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ </ns0:Extensions>
+ <ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor use="signing">
+ <ns2:KeyInfo>
+ <ns2:X509Data>
+ <ns2:X509Certificate>MIIEBjCCAu6gAwIBAgIJANwxpCjfD5fLMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNV
 BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
 aWRnaXRzIFB0eSBMdGQxGDAWBgNVBAMTD2xva2kuaXRzLnVtdS5zZTAeFw0xNTEy
 MTAxNDMzNTlaFw0yNTEyMDcxNDMzNTlaMF8xCzAJBgNVBAYTAkFVMRMwEQYDVQQI
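Review bot: The re-indented file still carries `<ns1:SigningMethod Algorithm="http,//www.w3.org/2000/09/xmldsig#dsa-sha1"/>`, with a comma where the colon belongs, so that entry is not a valid algorithm URI and a consumer matching on identifiers will not recognise it. Since this commit rewrites the line anyway, it should read `Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"`. The same Extensions block advertises `xmldsig-more#md5` and `xmldsig-more#rsa-md5`; MD5 is not collision-resistant, and those lines are better removed than published, even for a test IdP, unless the proxy really depends on them (not visible here).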
@@ -20,4 +44,25 @@ XBJGBi+cuG4ggRZSvcmJLwJ1EpwWXNVekiIEQbW+mlwARLbM5N7btQRA3DWofbIx
 JLn4HckD/n5dq5ueniyDqDgc2o1V2/G/zpEg90lIN7gsSOOqsbttMZFvGq3m+t3E
 KxjpGx+7PhkGMf9zCVrXXztaqDyZjeNa/rpADj+kU6KudZ9eESvdppCBR0EiROm0
 8xZOMdYU6Sc6SJVa/W48bqJsv95pCZM6joU=
-</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/post" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/redirect" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">RKH ADFS Test (IdP)</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="en">RKH ADFS Test</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">https://example.com</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>Technical</ns0:GivenName><ns0:EmailAddress>technical@example.com</ns0:EmailAddress></ns0:ContactPerson><ns0:ContactPerson contactType="support"><ns0:GivenName>Support</ns0:GivenName><ns0:EmailAddress>support@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor>
+</ns2:X509Certificate>
+ </ns2:X509Data>
+ </ns2:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat>
+ <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/post"/>
+ <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/redirect"/>
+ </ns0:IDPSSODescriptor>
+ <ns0:Organization>
+ <ns0:OrganizationName xml:lang="en">RKH ADFS Test (IdP)</ns0:OrganizationName>
+ <ns0:OrganizationDisplayName xml:lang="en">RKH ADFS Test</ns0:OrganizationDisplayName>
+ <ns0:OrganizationURL xml:lang="en">https://example.com</ns0:OrganizationURL>
+ </ns0:Organization>
+ <ns0:ContactPerson contactType="technical">
+ <ns0:GivenName>Technical</ns0:GivenName>
+ <ns0:EmailAddress>technical@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+ <ns0:ContactPerson contactType="support">
+ <ns0:GivenName>Support</ns0:GivenName>
+ <ns0:EmailAddress>support@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+</ns0:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index cefeecea..7b3b57f9 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -491,4 +491,5 @@
 <xi:include href="swamid-2.0/keystone.lab.cloud.ipnett.net-shibboleth.xml"/>
 <xi:include href="swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml"/>
 <xi:include href="swamid-2.0/ni.sunet.se-saml2-metadata.xml"/>
+ <xi:include href="swamid-2.0/luvit.education.lu.se-shibboleth.xml"/>
 </md:EntitiesDescriptor> |