authorAnders Lördal <anders.lordal@hig.se>2014-07-03 12:49:18 +0200
committerAnders Lördal <anders.lordal@hig.se>2014-07-03 12:49:18 +0200
commit01be3cb246ee215c2c40b3f9359a1d2cbef35df6 (patch)
treeaae533b23cebb01e854d73cad4f7566acbd8a7b3
parent06108e3b23d676e5d81b319d7e187676dca953ef (diff)
Resolves SWAMIDOPS-7282
-rw-r--r--sp-with-simplesign1
-rw-r--r--swamid-2.0/bardo.kib.ki.se-shibboleth.xml112
2 files changed, 50 insertions, 63 deletions
diff --git a/sp-with-simplesign b/sp-with-simplesign
index 2bd6f6f3..56245fa4 100644
--- a/sp-with-simplesign
+++ b/sp-with-simplesign
@@ -16,7 +16,6 @@ aktivera.su.se-shibboleth.sso.xml
aktivering.db.umu.se-shibboleth.xml
alpha.kib.ki.se-shibboleth.xml
amiga.kib.ki.se-shibboleth.xml
-bardo.kib.ki.se-shibboleth.xml
bedomningshandboken.uhr.se-shibboleth.xml
beta.kib.ki.se-shibboleth.xml
beta.lobber.se-shibboleth.xml
diff --git a/swamid-2.0/bardo.kib.ki.se-shibboleth.xml b/swamid-2.0/bardo.kib.ki.se-shibboleth.xml
index 9c0cab75..f05685cb 100644
--- a/swamid-2.0/bardo.kib.ki.se-shibboleth.xml
+++ b/swamid-2.0/bardo.kib.ki.se-shibboleth.xml
@@ -1,6 +1,22 @@
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://bardo.kib.ki.se/shibboleth">
- <md:Extensions>
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
<samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
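Review bot: The `alg:` entries added under `md:Extensions` advertise SHA-1 based algorithms (`xmldsig#sha1`, `rsa-sha1`, `dsa-sha1`, `ecdsa-sha1`), and the `md:EncryptionMethod` list added in the next hunk likewise advertises `tripledes-cbc`. This looks like the SP software's full capability list rather than a chosen policy. A peer that honours the metadata may select any listed algorithm, so the weakest entry sets the floor. I would drop the SHA-1 and 3DES lines, or if they stay for interoperability, record why with a comment such as `<!-- SHA-1/3DES kept for legacy IdP interop; remove once peers support SHA-256 and AES-GCM -->`.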
@@ -10,71 +26,44 @@
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:KeyDescriptor use="signing">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://bardo.kib.ki.se/Shibboleth.sso/Login/KI"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://bardo.kib.ki.se/Shibboleth.sso/Login/idptest.sll.se"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://bardo.kib.ki.se/Shibboleth.sso/Login/idp.sll.se"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>bardo.kib.ki.se</ds:KeyName>
<ds:X509Data>
- <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,L=Solna,ST=Some-State,C=SE</ds:X509SubjectName>
- <ds:X509Certificate>MIIEoTCCA4mgAwIBAgIJAPgJfZPJ50S3MA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
-VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAc
-BgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lU
-WSBMSUJSQVJZMSAwHgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTAeFw0x
-MDA0MjYxNTA3NDlaFw0yMDA0MjMxNTA3NDlaMIGRMQswCQYDVQQGEwJTRTETMBEG
-A1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAcBgNVBAoTFUthcm9s
-aW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMSAw
-HgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMguawtCfXJd8QvEcaJJRObZfUu9b6rNSzbD/oeC9F3C
-Xi8HL8CpxJrgVrGAf0e/Lo6+rsAkxDedhy9bDVQz/YRdNGeH1/iLMBkI2e/EHua8
-BPm+PQlgl+IpJxU7UJu8+w15ZWoMfsV/WIIdSEng5du3GzgNVsBcaiHEhaQEwkUR
-llXwU5qdcM0QPIwBG2gCARZbn71SEWc/RF5U4D7NLG5LmDViulyy7keN7cK1i3Zr
-o/ELQIPxg7TFqrd7FYkyuVCbZXnDYwC5lQryBkX6kgdqVMCWPEq+uP2RrKjG2HWf
-WOJLW6iP6WtDk0zNUawYVqtL2mAKJposchRXd0/Q0eUCAwEAAaOB+TCB9jAdBgNV
-HQ4EFgQUVlUIXb0klUOqoxNqV3UegOlhaF0wgcYGA1UdIwSBvjCBu4AUVlUIXb0k
-lUOqoxNqV3UegOlhaF2hgZekgZQwgZExCzAJBgNVBAYTAlNFMRMwEQYDVQQIEwpT
-b21lLVN0YXRlMQ4wDAYDVQQHEwVTb2xuYTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJ
-bnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxIDAeBgkqhkiG
-9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlggkA+Al9k8nnRLcwDAYDVR0TBAUwAwEB
-/zANBgkqhkiG9w0BAQUFAAOCAQEASuzSo7iQmc/qRRUH/za/LCeeH1G6EAva6ces
-RVAYdCGdkQ/pqFugqWc6Qdq7mm/s+tBCMMOe3ccCF7o7XVRFdceZ9RCOpvHFvHz3
-tItH5Zg0P8c2y7t6mClGeCxWCJN+LTzJkvp98tLslcJTmovQP5yXk2/jv93BsFb2
-iIHG49rm09C2YWRUcZIB/XS51QbfVMKf/mj5IugY0GzkA4Xnyvci9QtDtIHVgR1H
-F7OS9qmtSRPsGKvvKYsjKq2BdMoSm1NNvklVEwuHKjVFkyjr3yt4ALR8uyASKUCj
-HVVQRnTpfX0jh7zIizoQL7IjwaYgz7X3qCu2b3JjZdz6gsuKNA==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,L=Solna,ST=Some-State,C=SE</ds:X509SubjectName>
- <ds:X509Certificate>MIIEoTCCA4mgAwIBAgIJAPgJfZPJ50S3MA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
-VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAc
-BgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lU
-WSBMSUJSQVJZMSAwHgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTAeFw0x
-MDA0MjYxNTA3NDlaFw0yMDA0MjMxNTA3NDlaMIGRMQswCQYDVQQGEwJTRTETMBEG
-A1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAcBgNVBAoTFUthcm9s
-aW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMSAw
-HgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMguawtCfXJd8QvEcaJJRObZfUu9b6rNSzbD/oeC9F3C
-Xi8HL8CpxJrgVrGAf0e/Lo6+rsAkxDedhy9bDVQz/YRdNGeH1/iLMBkI2e/EHua8
-BPm+PQlgl+IpJxU7UJu8+w15ZWoMfsV/WIIdSEng5du3GzgNVsBcaiHEhaQEwkUR
-llXwU5qdcM0QPIwBG2gCARZbn71SEWc/RF5U4D7NLG5LmDViulyy7keN7cK1i3Zr
-o/ELQIPxg7TFqrd7FYkyuVCbZXnDYwC5lQryBkX6kgdqVMCWPEq+uP2RrKjG2HWf
-WOJLW6iP6WtDk0zNUawYVqtL2mAKJposchRXd0/Q0eUCAwEAAaOB+TCB9jAdBgNV
-HQ4EFgQUVlUIXb0klUOqoxNqV3UegOlhaF0wgcYGA1UdIwSBvjCBu4AUVlUIXb0k
-lUOqoxNqV3UegOlhaF2hgZekgZQwgZExCzAJBgNVBAYTAlNFMRMwEQYDVQQIEwpT
-b21lLVN0YXRlMQ4wDAYDVQQHEwVTb2xuYTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJ
-bnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxIDAeBgkqhkiG
-9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlggkA+Al9k8nnRLcwDAYDVR0TBAUwAwEB
-/zANBgkqhkiG9w0BAQUFAAOCAQEASuzSo7iQmc/qRRUH/za/LCeeH1G6EAva6ces
-RVAYdCGdkQ/pqFugqWc6Qdq7mm/s+tBCMMOe3ccCF7o7XVRFdceZ9RCOpvHFvHz3
-tItH5Zg0P8c2y7t6mClGeCxWCJN+LTzJkvp98tLslcJTmovQP5yXk2/jv93BsFb2
-iIHG49rm09C2YWRUcZIB/XS51QbfVMKf/mj5IugY0GzkA4Xnyvci9QtDtIHVgR1H
-F7OS9qmtSRPsGKvvKYsjKq2BdMoSm1NNvklVEwuHKjVFkyjr3yt4ALR8uyASKUCj
-HVVQRnTpfX0jh7zIizoQL7IjwaYgz7X3qCu2b3JjZdz6gsuKNA==
+ <ds:X509SubjectName>CN=bardo.kib.ki.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAPZjQFtVqz2PMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bardo.kib.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bardo.kib.ki.se/Shibboleth.sso/SLO/SOAP"/>
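Review bot: The old certificate is removed in the same commit that publishes the new one under `md:KeyDescriptor`, so the metadata never carries both keys at once. Unless the SP has already switched keys, IdPs that refresh metadata at different times may encrypt to or verify against the wrong key during the gap. The usual rollover publishes the new `md:KeyDescriptor` next to the old one first and removes the old one in a later commit. The new descriptor also omits `use`, so one key serves both signing and encryption. If that is intentional, a short comment above it would help, for example `<!-- single key for signing and encryption, rolled over under SWAMIDOPS-7282 -->`.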
@@ -86,7 +75,6 @@ HVVQRnTpfX0jh7zIizoQL7IjwaYgz7X3qCu2b3JjZdz6gsuKNA==
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bardo.kib.ki.se/Shibboleth.sso/NIM/POST"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bardo.kib.ki.se/Shibboleth.sso/NIM/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML/POST" index="5"/>