summaryrefslogtreecommitdiff
path: root/swamid-2.0
diff options
context:
space:
mode:
authorLeif Johansson <leifj@sunet.se>2017-06-15 10:19:46 +0200
committerLeif Johansson <leifj@sunet.se>2017-06-15 10:19:46 +0200
commitf482ec076e0306978f8e3ee784050bc26fbe01ba (patch)
treead3bc405b1acc7678b2c28d4ad00138a24a9e0fe /swamid-2.0
parent05e99d078651208a4944fb1297fbe015c0ba60df (diff)
parent340ef5a189215f07afc8778295b4482b8ae46793 (diff)
Merge branch 'master' of md-master.swamid.se:swamid-metadata
Diffstat (limited to 'swamid-2.0')
-rw-r--r--swamid-2.0/acc-nais.uhr.se-shibboleth.xml5
-rw-r--r--swamid-2.0/adfs-gw.sunet.se-saml2idp-proxy.xml58
-rw-r--r--swamid-2.0/adfs.rkh.se-adfs-services-trust.xml8
-rw-r--r--swamid-2.0/captivelan-test.it.su.se-shibboleth.sso.xml57
-rw-r--r--swamid-2.0/crowd.ub.uu.se-crowd-plugins-servlet-ssocookie.xml71
-rw-r--r--swamid-2.0/dev.lararlyftet-validering.se-shibboleth.xml5
-rw-r--r--swamid-2.0/dev.nais.uhr.se-shibboleth.xml5
-rw-r--r--swamid-2.0/e5.onthehub.com.xml54
-rw-r--r--swamid-2.0/fs.liu.se-adfs-services-trust.xml8
-rw-r--r--swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml773
-rw-r--r--swamid-2.0/hbidp.hb.se-idp-shibboleth.xml15
-rw-r--r--swamid-2.0/idp.hb.se-idp-shibboleth.xml8
-rw-r--r--swamid-2.0/idp.hv.se-idp-shibboleth.xml15
-rw-r--r--swamid-2.0/idp.lnu.se-idp-shibboleth.xml16
-rw-r--r--swamid-2.0/idp.mdh.se-idp-shibboleth.xml7
-rw-r--r--swamid-2.0/idp2.hv.se-idp-shibboleth.xml15
-rw-r--r--swamid-2.0/ilearn.dsv.su.se-shibboleth.xml77
-rw-r--r--swamid-2.0/indico.uu.se-shibboleth.xml12
-rw-r--r--swamid-2.0/juridicum.blackboard.com-auth-saml-saml-SSO.xml91
-rw-r--r--swamid-2.0/login.du.se-idp-shibboleth.xml1
-rw-r--r--swamid-2.0/login.it.liu.se-idp-shibboleth.xml4
-rw-r--r--swamid-2.0/luvit.ced.lu.se-shibboleth.xml91
-rw-r--r--swamid-2.0/luvit.education.lu.se-shibboleth.xml42
-rw-r--r--swamid-2.0/luvittest.ced.lu.se-shibboleth.xml91
-rw-r--r--swamid-2.0/medlem.disk.su.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml46
-rw-r--r--swamid-2.0/sp.snd.gu.se-module.php-saml-sp-metadata.php-default-sp.xml11
-rw-r--r--swamid-2.0/stipendier.uu.se-stipendium.xml51
-rw-r--r--swamid-2.0/sutest.dsv.su.se-shibboleth.xml75
-rw-r--r--swamid-2.0/tentaadmin.uhr.se-shibboleth.xml5
-rw-r--r--swamid-2.0/test-nais.i.uhr.se-shibboleth.xml5
-rw-r--r--swamid-2.0/test.account.hj.se-adfs-services-trust.xml243
-rw-r--r--swamid-2.0/test.lararlyftet-validering.se-shibboleth.xml5
-rw-r--r--swamid-2.0/uuc-web003-t.its.uu.se-shibboleth.xml7
-rw-r--r--swamid-2.0/weblogin.kau.se-idp-shibboleth.xml2
-rw-r--r--swamid-2.0/www.lararlyftet-validering.se-shibboleth.xml5
-rw-r--r--swamid-2.0/www.nais.uhr.se-shibboleth.xml5
-rw-r--r--swamid-2.0/www.tentaadmindev.uhr.se-shibboleth.xml5
37 files changed, 1276 insertions, 718 deletions
diff --git a/swamid-2.0/acc-nais.uhr.se-shibboleth.xml b/swamid-2.0/acc-nais.uhr.se-shibboleth.xml
index b8a3c011..6eac194d 100644
--- a/swamid-2.0/acc-nais.uhr.se-shibboleth.xml
+++ b/swamid-2.0/acc-nais.uhr.se-shibboleth.xml
@@ -87,4 +87,9 @@ BwquFopAQg==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://acc-nais.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://acc-nais.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Carina</md:GivenName>
+ <md:SurName>Lindström</md:SurName>
+ <md:EmailAddress>mailto:support@reqtest-services.com</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/adfs-gw.sunet.se-saml2idp-proxy.xml b/swamid-2.0/adfs-gw.sunet.se-saml2idp-proxy.xml
deleted file mode 100644
index 7ac00872..00000000
--- a/swamid-2.0/adfs-gw.sunet.se-saml2idp-proxy.xml
+++ /dev/null
@@ -1,58 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="http://www.w3.org/2000/09/xmldsig#" entityID="https://adfs-gw.sunet.se/Saml2IDP/proxy.xml">
- <ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <ns0:KeyDescriptor use="signing">
- <ns1:KeyInfo>
- <ns1:X509Data>
- <ns1:X509Certificate>MIIFkzCCA3ugAwIBAgIJAJUrDgyu7yXzMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNV
-BAYTAlNFMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMMEGFkZnMtZ3cuc3VuZXQuc2UwHhcNMTYw
-OTA3MDUwODIwWhcNMTcwOTA3MDUwODIwWjBgMQswCQYDVQQGEwJTRTETMBEGA1UE
-CAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDDBBhZGZzLWd3LnN1bmV0LnNlMIICIjANBgkqhkiG9w0BAQEFAAOC
-Ag8AMIICCgKCAgEAwUO+Z4Jvr3CCmaZJTe0GDWk7jOqLsfQYT1VjhOv0b+zjnpCp
-JtQSTk5hM0TzGKUMXVDG16ORbRjTFaBDUWWo17tqu18SaFgvN6jPqn2fNo5Q7z1J
-Z7F+zRAIPypm1BIrJhJmcfDMq0yvMB9S+q5delMMbwKoz2JAriOP2F1yxkLoT7hQ
-4JeRVQUsf011UyWSVgwiOvs23NAtLY8kCeyIy8XXilboolkH0q8ub3hLFCreB3IL
-EccRWxb1JQJaG1lZ1xy+tlmgkjv+EYjO8FFUx/hqDXUDL6pJBKsDrptsxPKSa1Sw
-Vw0BkAky9dv4+mdleVwtWtf6jiAQexXVKh2TBOVXK1A+zRpIVNP/j63j2Up+uiCL
-4x0DXCriEBcpUD4l6otdIDWUjJRnQVjGtD5qZ6G3aTHg4SUMPL+dw40f99Y3kLN3
-keRjXqPKDRr6FrEppWawQ2PwDTRajT9qeOYMLQD6SHs7FNqlv+oiOQ1tEZYz2eZf
-I9ityETt5um/F/rabcdhweDa+g9F4G1Q4Lq8NPy6aYsT5nkrqiGmp6zidSbvJ2pY
-j68iYH55VgmC6Kol/Sb9CR9O6v5lwWc2Oy2TTKA5YLF5mR4iEWzzRpDVOEeHeUMg
-eFKksgU1AWeCJ+KzApNZKlkkwibSW0gQWchYcfxbgt6TS0PcVeKlLNHIvq0CAwEA
-AaNQME4wHQYDVR0OBBYEFHLtsqc7PiTu+8OcKtDPmYGtfUCoMB8GA1UdIwQYMBaA
-FHLtsqc7PiTu+8OcKtDPmYGtfUCoMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
-BQADggIBAMFAA0xYqaUNfiRqxWG3h3jx3zgfqZMP9Y4NQYGLH5ZzcOoBnWvH1p+l
-goCcWJSHW826m9S2u1r6PzQE6RWoZO+1+q/S9R9gZtYRCBgdbhH+XZEc3sZmsdO7
-iT9YGN40gKXAVJ6juAdzp16pLA5/aOGMcc+DYx1V9/rs1tcGmBPg+M17r3bqyhtM
-H5f0N8OhFVdYkZq82d3CT1WeGN3R49D5fCc9MhxjSMu+fxsnYiH3oHf4R2jmjljS
-5DqU6IfsOq9D3upMW1NOLsqBDCx/Ap4zzTiU0OHvgRBTvhTpTtggk7uD/uP/qUiG
-NVuerfpopRqyUIagZQGrIRf19vWSAZSa/Sp4brWT/hufEksXWrfFdesSF6045RsP
-ZvASdNALcpmM55r4scBbGcXRsExLfKBBsELP02f4BZxPoCaTN3eAQS/StuWI7xgZ
-eOI/NX5r1tVGqCxfL1guMuuCdNlvg8VvCAw9PM62Y5d+gziiEtQzFmQI7tzBMR0Y
-Fx/SP0qt5zxWLrFo1xqvdRf3zbQQTKQSdIblr3bOAii7L8wWp5tYh85q2Yo+nPrF
-TRWVSsfKr1SdH98LjgbjcrfX557o32iYESme7E4G3DG9Vc7tTOpVdS6wKPlpNg74
-mrJqbshpe6Zc8lDWFe9uAocKQxU35wa9x4P8DjI1STDZV8Rz7lmk
-</ns1:X509Certificate>
- </ns1:X509Data>
- </ns1:KeyInfo>
- </ns0:KeyDescriptor>
- <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs-gw.sunet.se/Saml2/sso/redirect"/>
- <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs-gw.sunet.se/Saml2/sso/post"/>
- </ns0:IDPSSODescriptor>
- <ns0:Organization>
- <ns0:OrganizationName xml:lang="en">RKH ADFS Test (IdP)</ns0:OrganizationName>
- <ns0:OrganizationDisplayName xml:lang="en">RKH ADFS Test</ns0:OrganizationDisplayName>
- <ns0:OrganizationURL xml:lang="en">https://example.com</ns0:OrganizationURL>
- </ns0:Organization>
- <ns0:ContactPerson contactType="technical">
- <ns0:GivenName>Technical</ns0:GivenName>
- <ns0:EmailAddress>technical@example.com</ns0:EmailAddress>
- </ns0:ContactPerson>
- <ns0:ContactPerson contactType="support">
- <ns0:GivenName>Support</ns0:GivenName>
- <ns0:EmailAddress>support@example.com</ns0:EmailAddress>
- </ns0:ContactPerson>
-</ns0:EntityDescriptor>
diff --git a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
index e5b2b491..254d9506 100644
--- a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
@@ -604,6 +604,14 @@
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.rkh.se/adfs/ls/" index="2"/>
</SPSSODescriptor>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Röda Korsets Högskola</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Röda Korsets Högskola</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">ADFS Röda Korsets Högskola</mdui:Description>
+ <mdui:Description xml:lang="en">ADFS Röda Korsets Högskola</mdui:Description>
+ </mdui:UIInfo>
+ </Extensions>
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
diff --git a/swamid-2.0/captivelan-test.it.su.se-shibboleth.sso.xml b/swamid-2.0/captivelan-test.it.su.se-shibboleth.sso.xml
deleted file mode 100644
index 9e340309..00000000
--- a/swamid-2.0/captivelan-test.it.su.se-shibboleth.sso.xml
+++ /dev/null
@@ -1,57 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://captivelan-test.it.su.se/Shibboleth.sso">
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF" index="1"/>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF/wavelan"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF/idp.secure.su.se"/>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF/idp.it.su.se"/>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SWAMID"/>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF/wavelan-test"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://captivelan-test.it.su.se/Shibboleth.sso/WAYF/wavelan-test" index="3"/>
- </md:Extensions>
- <md:KeyDescriptor>
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>cpgw-lab01.it.su.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=cpgw-lab01.it.su.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIDADCCAeigAwIBAgIJALBncbJG3wsYMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
-BAMTE2NwZ3ctbGFiMDEuaXQuc3Uuc2UwHhcNMTIwMzEzMTQxOTI1WhcNMjIwMzEx
-MTQxOTI1WjAeMRwwGgYDVQQDExNjcGd3LWxhYjAxLml0LnN1LnNlMIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56U5HB9fy3fqVfLdreUVdk/E5XMTZcLb
-RNxXOQM/Wmbg+daAIAPar49jDUZ+gJ3rS6Vn1KbNwaKerbGtutojdrtKPkHBWT7O
-/oLuBePY26+coYzHrjjVoRoIsCvpFpEq/e66HPP/Fb77Po2fI7lJgZ1daqLw2wWE
-HE/wj8sq+H6KQJzcS5ts4v7UxqSMy9pwG4sIc4BoGDJGq38ZFWhRFiyLFf6oshVW
-NRBXoH9DMCWcs8No6MROC/fTyRHl9zVBzcKvPl28hNkOdQLfMC/c9i2gLj+IC9yw
-mWQc7wOSV/clDbYwjl8+GPjLR1fFGA4DYzTo+tq+CI/gy26qXopeYQIDAQABo0Ew
-PzAeBgNVHREEFzAVghNjcGd3LWxhYjAxLml0LnN1LnNlMB0GA1UdDgQWBBTLWYM+
-qGSaqwwGeBogeJUkShYBlTANBgkqhkiG9w0BAQUFAAOCAQEATepYFMmK30pDq4I8
-bde/SrGXNIKqr3TB6wLXVMBrta1bwGmJmnxJBu4Cf17ShbEBRyjnKML7/oGs/p2r
-MsBu74xlWAett9sUkwOg0A2C2EzJB8OrO0pUaFgFYZbaW8OQVZvSqmkvTQcIh2ZC
-pFBtfAzUJ9y40T++z6D0P948oN3/4kbtkQvcllNVjxVfAG8eafGcrXJx60/aN7As
-p63AVSlYluX3+fdIHqVDx/AlXll4KlcPLiVRIXZd9C0WYi4I0hbw0GiWngU/GLaC
-+OAkMXA0RUsY5c2IBzCrkktrakl1fh3RnJZcvG8QDi6kz5WRbWD1z6HsFSNURiUf
-68eknw==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://captivelan-test.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SLO/Artifact"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://captivelan-test.it.su.se/Shibboleth.sso/NIM/SOAP"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://captivelan-test.it.su.se/Shibboleth.sso/NIM/Redirect"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://captivelan-test.it.su.se/Shibboleth.sso/NIM/POST"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://captivelan-test.it.su.se/Shibboleth.sso/NIM/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://captivelan-test.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- </md:SPSSODescriptor>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/crowd.ub.uu.se-crowd-plugins-servlet-ssocookie.xml b/swamid-2.0/crowd.ub.uu.se-crowd-plugins-servlet-ssocookie.xml
new file mode 100644
index 00000000..8f9cb456
--- /dev/null
+++ b/swamid-2.0/crowd.ub.uu.se-crowd-plugins-servlet-ssocookie.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://crowd.ub.uu.se/crowd/plugins/servlet/ssocookie">
+ <Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </Extensions>
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Common web services at UB</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Gemensamma webbtjänster vid UB</mdui:DisplayName>
+ <mdui:Description xml:lang="en">Common webservices at UB grants you access to services like UUB Wiki, JIRA, HipChat and more. </mdui:Description>
+ <mdui:Description xml:lang="sv">Gemensamma webbtjänster vid UB ger dig åtkomst till tjänster som UUB Wiki, JIRA, HipChat mfl.</mdui:Description>
+ <mdui:InformationURL xml:lang="en">https://wiki.ub.uu.se/x/_hfXAQ</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="sv">https://wiki.ub.uu.se/x/_hfXAQ</mdui:InformationURL>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIID8TCCAlmgAwIBAgIJALTopuyTJrGHMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV
+BAMTDlVVQi1TTC1DUk9XRDAxMB4XDTE3MDUyNDEwMDYzNFoXDTI3MDUyMjEwMDYz
+NFowGTEXMBUGA1UEAxMOVVVCLVNMLUNST1dEMDEwggGiMA0GCSqGSIb3DQEBAQUA
+A4IBjwAwggGKAoIBgQDxQNsbTakAOZK9ZKxP6U27T3BgQ3/7tcGYULq3ZEJVDRp5
+m1X1Sf5KvxN9qGVWmWzFJ31XJTZSEVs20RiPlMS7Mcjfba90dsJOTIN1BiEQDCkg
+LIBO5Wf2pi8fkPLLVxM4cMCJ5OZhCSno52SNDGt+UuzUW4Hi4IqJ/zHyfpAIazq8
+HWYBHqkljmMKisS+AcFOnq7geOpNMtZjXz6ztIMCRNxKxVtvzqTJOSArJlcCXllC
+5trrj+HgXOQzzf6Frm8F0sBrdlIkP0gJ/sfS95DpWPRZ/dD26BUl/obyRSpOZXEi
+++LrIq6XNIURFqynmtE2k49D7BcqjfTWt4lbYIlqh0cKbdgGsHtPH9TKYgTl+PMR
+EbnCw6ZKacoCm6vhLMj8ManpK5lL8LkA5dNClW8QVvqNcpBMPjpQYs2KkmotQKF+
+tGhk121AGIazmLY0u3h4Xx71X66C65Iz4wX+pbAlYCXY7xyRSAvyBke2fTK+alcL
+hIhQyzjjHo8hT3U77g8CAwEAAaM8MDowGQYDVR0RBBIwEIIOVVVCLVNMLUNST1dE
+MDEwHQYDVR0OBBYEFHGAkvhr6MgW2zRgPV+yvpC5UcEbMA0GCSqGSIb3DQEBCwUA
+A4IBgQAtHxlzxiU5PqpHvDr7sB5fVJxSDGaqRwZPd/jl4GvmM4iQ/eihO763Zdnz
+SpZ1k5wNR456c5DUDW6EbJ7Z7NBQyAY2Kku2zT2kt+AJkLS7Tuv0OUnncZS5SyK3
+gOIPkeQPpNmx5bDtEj98HZGeX1SWc8wMYtrD4ioiPzX4SqHTcioHIELhHltdCmPo
+C+HnB16co6iGoqdXweOJc0iF7q8EFLkywX7B24LlhzbXmfz0Ld3Q1sw5Tv2Hj52G
+8E1r4PfMgcM03s7mvtjVTyozXq7bMdnBPVrpmSyRb0jf+UM+R+ymAOdKrygP4LGJ
+EYBHpQMBIEZs5ZH9BDHvZxF5NONbq1BFszrMepwUnJagSL/oxqD1Z3lvgMnp5/CC
+pJZYJlFLUGecbAjM5od7cTTqz456CWvqKjSnaneKfNbAGM/KTbsHFIMm19YaTUay
+GQSdXrFMQ0uKLbmHgDC1bF24vUSWSwH1YiUqoTXcZDpCuJZ9Wj3HQroLeBoW3pVF
+KKh9ztE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://crowd.ub.uu.se/Shibboleth.sso/SLO/Redirect"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.ub.uu.se/Shibboleth.sso/SLO/POST"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.ub.uu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://crowd.ub.uu.se/Shibboleth.sso/SAML2/ECP" index="2"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Uppsala University Library</OrganizationName>
+ <OrganizationName xml:lang="sv">Uppsala universitetsbibliotek</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Uppsala University Library</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="sv">Uppsala universitetsbibliotek</OrganizationDisplayName>
+ <OrganizationURL xml:lang="sv">http://ub.uu.se</OrganizationURL>
+ <OrganizationURL xml:lang="en">http://ub.uu.se/?languageId=1</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Uppsala University Library</Company>
+ <GivenName>Rasmus</GivenName>
+ <SurName>Skagersten</SurName>
+ <EmailAddress>helpdesk@ub.uu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
diff --git a/swamid-2.0/dev.lararlyftet-validering.se-shibboleth.xml b/swamid-2.0/dev.lararlyftet-validering.se-shibboleth.xml
index 6a85c3c9..5f4adf1f 100644
--- a/swamid-2.0/dev.lararlyftet-validering.se-shibboleth.xml
+++ b/swamid-2.0/dev.lararlyftet-validering.se-shibboleth.xml
@@ -89,4 +89,9 @@ JPCgGoM1ape2Nyf198u6F4qXp5MZsS+vBOXxAyvHzWOr5uMzxg0oAJQwpkVp/b2z
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.lararlyftet-validering.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev.lararlyftet-validering.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Carina</md:GivenName>
+ <md:SurName>Lindström</md:SurName>
+ <md:EmailAddress>mailto:valdasupport@uhr.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/dev.nais.uhr.se-shibboleth.xml b/swamid-2.0/dev.nais.uhr.se-shibboleth.xml
index e3fdfd56..550f7043 100644
--- a/swamid-2.0/dev.nais.uhr.se-shibboleth.xml
+++ b/swamid-2.0/dev.nais.uhr.se-shibboleth.xml
@@ -89,4 +89,9 @@ JPCgGoM1ape2Nyf198u6F4qXp5MZsS+vBOXxAyvHzWOr5uMzxg0oAJQwpkVp/b2z
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.nais.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev.nais.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Carina</md:GivenName>
+ <md:SurName>Lindström</md:SurName>
+ <md:EmailAddress>mailto:support@reqtest-services.com</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/e5.onthehub.com.xml b/swamid-2.0/e5.onthehub.com.xml
index 84bf1526..bbd08bbc 100644
--- a/swamid-2.0/e5.onthehub.com.xml
+++ b/swamid-2.0/e5.onthehub.com.xml
@@ -41,33 +41,6 @@ tsXRh8I9G2b+om6fhCjEUmM=
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
- <md:KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>e5.onthehub.com</ds:KeyName>
- <ds:KeyName>https://e5.onthehub.com</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=e5.onthehub.com</ds:X509SubjectName>
- <ds:X509Certificate>MIIDDTCCAfWgAwIBAgIJAKiojggOXwYSMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
-BAMTD2U1Lm9udGhlaHViLmNvbTAeFw0xMDAzMTkxODA0MjlaFw0xMzAzMTgxODA0
-MjlaMBoxGDAWBgNVBAMTD2U1Lm9udGhlaHViLmNvbTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBALQ7NHoOjHN6VTNmMUBqlDXcbEbgjPcrjlMrW5s3JNWh
-61NT+AD+8+K0m4288Rc4yTuyaYcCc6K+erCPkivkktudh4rVProuClfpXTgEl+IF
-YkfHbeZHEc2tMLMrQ6zWpcUBiSPdKjhEgVWGe6q/lW2KWRsmbx2lCufhtSfAwyCb
-j/+Nt8tlF8+Tmi5SEZ1HbUhSRMdIKHU8epMkeRd7fPXgO/lqzKF1TIi3eO+L63KW
-4zC0O39Uh6ftULWvCvpyxVAhiQGId092CV8CxuqQPY4lXPDtTKcS0pZLtvlAAD3X
-UhdVOszNxL43oEVQyv/Vr5abab4C1ghZQ26KGaWpqDkCAwEAAaNWMFQwMwYDVR0R
-BCwwKoIPZTUub250aGVodWIuY29thhdodHRwczovL2U1Lm9udGhlaHViLmNvbTAd
-BgNVHQ4EFgQUiAUx8mQA/+5rLbZsyk/QgfTIKRgwDQYJKoZIhvcNAQEFBQADggEB
-AFl0fsWKeym+vqb8O7lPxICZpAMcr9hXn0/XA7FzTluuno4/+uRTljBn3rsPFoe5
-gxl+CtDFQnZ/ZKd6PAv6ulbj1w86JXiQ2dVjzPTSHnIzy408NLHiUKj5p7KmtvP6
-VUBknIxbt6krRtkAHWqpA4ykvAW5TyPSk7DFwFI+/lNlcegmMwlk9bVhIB9s6HdI
-K1+Mvw3ek0GCAlo2ucgpEIFXrRwMLLnucXLdWVug9w+ScsmKp19DlnpS2UMmRMfq
-eWPEpGoM/tepFG/JensNMEA41WKCXmmbruIGlh3TWFRE8s0JG3b8jy8aB3mgzq9T
-l8qQhkUldJphTqx2PEHORBM=
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>e5.onthehub.com</ds:KeyName>
@@ -95,33 +68,6 @@ tsXRh8I9G2b+om6fhCjEUmM=
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
- <md:KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>e5.onthehub.com</ds:KeyName>
- <ds:KeyName>https://e5.onthehub.com</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=e5.onthehub.com</ds:X509SubjectName>
- <ds:X509Certificate>MIIDDTCCAfWgAwIBAgIJAKiojggOXwYSMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
-BAMTD2U1Lm9udGhlaHViLmNvbTAeFw0xMDAzMTkxODA0MjlaFw0xMzAzMTgxODA0
-MjlaMBoxGDAWBgNVBAMTD2U1Lm9udGhlaHViLmNvbTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBALQ7NHoOjHN6VTNmMUBqlDXcbEbgjPcrjlMrW5s3JNWh
-61NT+AD+8+K0m4288Rc4yTuyaYcCc6K+erCPkivkktudh4rVProuClfpXTgEl+IF
-YkfHbeZHEc2tMLMrQ6zWpcUBiSPdKjhEgVWGe6q/lW2KWRsmbx2lCufhtSfAwyCb
-j/+Nt8tlF8+Tmi5SEZ1HbUhSRMdIKHU8epMkeRd7fPXgO/lqzKF1TIi3eO+L63KW
-4zC0O39Uh6ftULWvCvpyxVAhiQGId092CV8CxuqQPY4lXPDtTKcS0pZLtvlAAD3X
-UhdVOszNxL43oEVQyv/Vr5abab4C1ghZQ26KGaWpqDkCAwEAAaNWMFQwMwYDVR0R
-BCwwKoIPZTUub250aGVodWIuY29thhdodHRwczovL2U1Lm9udGhlaHViLmNvbTAd
-BgNVHQ4EFgQUiAUx8mQA/+5rLbZsyk/QgfTIKRgwDQYJKoZIhvcNAQEFBQADggEB
-AFl0fsWKeym+vqb8O7lPxICZpAMcr9hXn0/XA7FzTluuno4/+uRTljBn3rsPFoe5
-gxl+CtDFQnZ/ZKd6PAv6ulbj1w86JXiQ2dVjzPTSHnIzy408NLHiUKj5p7KmtvP6
-VUBknIxbt6krRtkAHWqpA4ykvAW5TyPSk7DFwFI+/lNlcegmMwlk9bVhIB9s6HdI
-K1+Mvw3ek0GCAlo2ucgpEIFXrRwMLLnucXLdWVug9w+ScsmKp19DlnpS2UMmRMfq
-eWPEpGoM/tepFG/JensNMEA41WKCXmmbruIGlh3TWFRE8s0JG3b8jy8aB3mgzq9T
-l8qQhkUldJphTqx2PEHORBM=
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://e5.onthehub.com/WebStore/Security/Shibboleth/SWAMID/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://e5.onthehub.com/WebStore/Security/Shibboleth/SWAMID/Shibboleth.sso/SLO/Artifact"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://e5.onthehub.com/WebStore/Security/Shibboleth/SWAMID/Shibboleth.sso/SLO/POST"/>
diff --git a/swamid-2.0/fs.liu.se-adfs-services-trust.xml b/swamid-2.0/fs.liu.se-adfs-services-trust.xml
index da03a752..f9214d77 100644
--- a/swamid-2.0/fs.liu.se-adfs-services-trust.xml
+++ b/swamid-2.0/fs.liu.se-adfs-services-trust.xml
@@ -1,5 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://fs.liu.se/adfs/services/trust">
+ <Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </Extensions>
<RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="fs.liu.se">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
diff --git a/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml b/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml
new file mode 100644
index 00000000..c94c39ff
--- /dev/null
+++ b/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml
@@ -0,0 +1,773 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://fs.test.ad.liu.se/adfs/services/trust">
+ <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Linköpings universitet">
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIFUzCCBDugAwIBAgIQBrwqNmxAo59beehrk0v2iDANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzAxMTEwMDAwMDBaFw0yMDAxMTYxMjAwMDBaMIGRMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOw5ZzdGVyZ8O2dGxhbmQxEzARBgNVBAcMCkxpbmvDtnBpbmcxIDAeBgNVBAoMF0xpbmvDtnBpbmdzIHVuaXZlcnNpdGV0MQ8wDQYDVQQLEwZMaVUtSVQxITAfBgNVBAMTGGZzZGVjcnlwdC50ZXN0LmFkLmxpdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5HdRwreoPqeue6i43Oe1rQK59k3Ln23npqLOH1FmQJMS+L7sl3crsj2Ch9hUnYptXenbEa0mKaXf3zaUwrDa5skQZLpuVOULdw81/xNUFCqHJWbYL72699pN/3PauGQBE0R1wUu+SwtJ5gISpK9/qjY6XVIT51cfxudowgrnpyj8gqci/M43j1dakk0MesqC20AB4pfu+AmjsvcfIVZ+TLoaZy7VyV8NF/AywivdS73eJ8Xsanu3w3Xtvf7uyhTqudp5dZBgo7Ep4v7mLqja4dEaOWjnb5pQhI48DNkw0emBJ4l7ZN94BLIOI/aEsdRsRHBBzrvTdkiWB7seylHL0CAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFGf9iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBROjVmiFgVr649sDBsDiczPybJWEDAjBgNVHREEHDAaghhmc2RlY3J5cHQudGVzdC5hZC5saXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADAACheuXdPONwqcxLP6GoNWa0RZaIEGX+1hNyo+wY/nZ4l+Zn5JJbVa3iA8bjIlWK78NrcVY0dEoZbUl7m8LXPU+P8CTNKkmuv0i1hxx3M7cdnttj4GfAPw5B67N+6DwuoFiqjfTUkCvsdmg0v4GQkkn98MrEJuqTvGKEDnhphUHgywS/CQ5m/dhz0EyXyLFcWBK53dih28ub8qbl6H4k531237CjEe7KgQPJYp+l+NLGL5/YRDbu88hnDezeu8xhAsddoDdAozHWsQA7czZ7hufB1TRWwLyhzyRsBm/XeomkdTXH3BrgND9iMraUrlDlwlsr3I/Mgk9cLxaDaImx4=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <fed:ClaimTypesRequested>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
+ <auth:DisplayName>E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
+ <auth:DisplayName>Given Name</auth:DisplayName>
+ <auth:Description>The given name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
+ <auth:DisplayName>Name</auth:DisplayName>
+ <auth:Description>The unique name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
+ <auth:DisplayName>UPN</auth:DisplayName>
+ <auth:Description>The user principal name (UPN) of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
+ <auth:DisplayName>Common Name</auth:DisplayName>
+ <auth:Description>The common name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
+ <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
+ <auth:DisplayName>Group</auth:DisplayName>
+ <auth:Description>A group that the user is a member of</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
+ <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+ <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
+ <auth:DisplayName>Role</auth:DisplayName>
+ <auth:Description>A role that the user has</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
+ <auth:DisplayName>Surname</auth:DisplayName>
+ <auth:Description>The surname of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
+ <auth:DisplayName>PPID</auth:DisplayName>
+ <auth:Description>The private identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
+ <auth:DisplayName>Name ID</auth:DisplayName>
+ <auth:Description>The SAML name identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
+ <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+ <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
+ <auth:DisplayName>Authentication method</auth:DisplayName>
+ <auth:Description>The method used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
+ <auth:DisplayName>Deny only group SID</auth:DisplayName>
+ <auth:Description>The deny-only group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
+ <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+ <auth:Description>The deny-only primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
+ <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+ <auth:Description>The deny-only primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
+ <auth:DisplayName>Group SID</auth:DisplayName>
+ <auth:Description>The group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
+ <auth:DisplayName>Primary group SID</auth:DisplayName>
+ <auth:Description>The primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
+ <auth:DisplayName>Primary SID</auth:DisplayName>
+ <auth:Description>The primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
+ <auth:DisplayName>Windows account name</auth:DisplayName>
+ <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
+ <auth:DisplayName>Is Registered User</auth:DisplayName>
+ <auth:Description>User is registered to use this device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
+ <auth:DisplayName>Device Identifier</auth:DisplayName>
+ <auth:Description>Identifier of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
+ <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
+ <auth:Description>Identifier for Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
+ <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
+ <auth:Description>Display name of Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
+ <auth:DisplayName>Device OS type</auth:DisplayName>
+ <auth:Description>OS type of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
+ <auth:DisplayName>Device OS Version</auth:DisplayName>
+ <auth:Description>OS version of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
+ <auth:DisplayName>Is Managed Device</auth:DisplayName>
+ <auth:Description>Device is managed by a management service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
+ <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
+ <auth:Description>IP address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
+ <auth:DisplayName>Client Application</auth:DisplayName>
+ <auth:Description>Type of the Client Application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
+ <auth:DisplayName>Client User Agent</auth:DisplayName>
+ <auth:Description>Device type the client is using to access the application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
+ <auth:DisplayName>Client IP</auth:DisplayName>
+ <auth:Description>IP address of the client</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
+ <auth:DisplayName>Endpoint Path</auth:DisplayName>
+ <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
+ <auth:DisplayName>Proxy</auth:DisplayName>
+ <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
+ <auth:DisplayName>Application Identifier</auth:DisplayName>
+ <auth:Description>Identifier for the Relying Party</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
+ <auth:DisplayName>Application policies</auth:DisplayName>
+ <auth:Description>Application policies of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
+ <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
+ <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
+ <auth:DisplayName>Basic Constraint</auth:DisplayName>
+ <auth:Description>One of the basic constraints of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
+ <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
+ <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
+ <auth:DisplayName>Issuer</auth:DisplayName>
+ <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
+ <auth:DisplayName>Issuer Name</auth:DisplayName>
+ <auth:Description>The distinguished name of the certificate issuer</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
+ <auth:DisplayName>Key Usage</auth:DisplayName>
+ <auth:Description>One of the key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
+ <auth:DisplayName>Not After</auth:DisplayName>
+ <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
+ <auth:DisplayName>Not Before</auth:DisplayName>
+ <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
+ <auth:DisplayName>Certificate Policies</auth:DisplayName>
+ <auth:Description>The policies under which the certificate has been issued</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
+ <auth:DisplayName>Public Key</auth:DisplayName>
+ <auth:Description>Public Key of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
+ <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
+ <auth:Description>The raw data of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
+ <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
+ <auth:Description>One of the alternative names of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
+ <auth:DisplayName>Serial Number</auth:DisplayName>
+ <auth:Description>The serial number of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
+ <auth:DisplayName>Signature Algorithm</auth:DisplayName>
+ <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
+ <auth:DisplayName>Subject</auth:DisplayName>
+ <auth:Description>The subject from the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
+ <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
+ <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
+ <auth:DisplayName>Subject Name</auth:DisplayName>
+ <auth:Description>The subject distinguished name from a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
+ <auth:DisplayName>V2 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
+ <auth:DisplayName>V1 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
+ <auth:DisplayName>Thumbprint</auth:DisplayName>
+ <auth:Description>Thumbprint of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
+ <auth:DisplayName>X.509 Version</auth:DisplayName>
+ <auth:Description>The X.509 format version of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
+ <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
+ <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
+ <auth:DisplayName>Password Expiration Time</auth:DisplayName>
+ <auth:Description>Used to display the time when the password expires</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
+ <auth:DisplayName>Password Expiration Days</auth:DisplayName>
+ <auth:Description>Used to display the number of days to password expiry</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
+ <auth:DisplayName>Update Password URL</auth:DisplayName>
+ <auth:Description>Used to display the web address of update password service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
+ <auth:DisplayName>Authentication Methods References</auth:DisplayName>
+ <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
+ <auth:DisplayName>Client Request ID</auth:DisplayName>
+ <auth:Description>Identifier for a user session</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
+ <auth:DisplayName>Alternate Login ID</auth:DisplayName>
+ <auth:Description>Alternate login ID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/eduPersonScopedAffiliation" Optional="true">
+ <auth:DisplayName>eduPersonScopedAffiliation</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/Department" Optional="true">
+ <auth:DisplayName>Department</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/IdentityNumber" Optional="true">
+ <auth:DisplayName>IdentityNumber</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone" Optional="true">
+ <auth:DisplayName>telephoneNumber</auth:DisplayName>
+ <auth:Description>(telephoneNumber in X.500 Person) Secondary or work telephone number of a subject. According to X.500(2001): “This attribute type specifies an office/campus telephone number associated with a person.” Attribute values should follow the agreed format for international telephone numbers, e.g. +44 71 123 4567.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/norEduPersonNIN" Optional="true">
+ <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/eduPersonPrimaryAffiliation" Optional="true">
+ <auth:DisplayName>eduPersonPrimaryAffiliation</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/norEduPersonLIN" Optional="true">
+ <auth:DisplayName>norEduPersonLIN</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/extensionAttribute8" Optional="true">
+ <auth:DisplayName>extensionAttribute8</auth:DisplayName>
+ </auth:ClaimType>
+ </fed:ClaimTypesRequested>
+ <fed:TargetScopes>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/ls/</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>http://fs.test.ad.liu.se/adfs/services/trust</Address>
+ </EndpointReference>
+ </fed:TargetScopes>
+ <fed:ApplicationServiceEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ </fed:ApplicationServiceEndpoint>
+ <fed:PassiveRequestorEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/ls/</Address>
+ </EndpointReference>
+ </fed:PassiveRequestorEndpoint>
+ </RoleDescriptor>
+ <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="Linköpings universitet">
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIFUzCCBDugAwIBAgIQBzuoMX0xjHaf6wArG8vdqjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzAxMTEwMDAwMDBaFw0yMDAxMTYxMjAwMDBaMIGRMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOw5ZzdGVyZ8O2dGxhbmQxEzARBgNVBAcMCkxpbmvDtnBpbmcxIDAeBgNVBAoMF0xpbmvDtnBpbmdzIHVuaXZlcnNpdGV0MQ8wDQYDVQQLEwZMaVUtSVQxITAfBgNVBAMTGGZzc2lnbmluZy50ZXN0LmFkLmxpdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALwrweqNxDnIm4+yoRJkUDEWf13YCxSLQ0tbnkDkGNCF9Y5nWFSjHlAqFVG3iYebLI0TSaeFDpty4NFi2vmNi+gvRdQ0KIUcOC4ymu1KPN+6O5R4LaDBrOCtQ0pnoJa5BitOGMdA0UHmpuN2uoSgFQMizwhW3FswJAgcEpemZcqbMb0S/Tf0VHQHgsiX2KpiOxF5RhQ1qjz/Jc7F52lHQrceeLqbYC2jxKYNcfJ7UkTbYBA9QnkZxFKTLjgwGj3zfE4AHflFmVbQrrDzkVpOKj2GtTnNE5Nc91CboxV8aJpFcfOLJlOYgYfi0c9UgQJyr+vzFnGddsJG0hGwZxb4kfcCAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFGf9iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBR62VEsMVgmMYFGBD8dbSGoZOVFaTAjBgNVHREEHDAaghhmc3NpZ25pbmcudGVzdC5hZC5saXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAHTy++Ov5ElGuiPdxcliIfjvWPiAWSCivCq1snZ9baLDYgkyg4Z0tZoF2a6lc5yTowXcggeoI+Z/KhI/RN2VuW+acNtyu2Zv+wQFcVHeZYy4rdIBzuxuLVJsGsnJXm2rxLNnDsTe+Q+gkgcMZMYaYKitDepHFLGvEN3uQTo7zbFf9qaZKjiZnFCr7KB1ShRlunU3QM6HcVLqADvDMX8zvY8iSDJffHI3c++Y50fd3o50QQxJ0XAYVJk04khDccGIYtpEG4g3wbszSowjjArJemauuSILxmWBz/yMpqwIYPgj8yDAdaDqqhSYDYon04f4hdTE9yKwH5DEwBLrPtd+u8o=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <fed:TokenTypesOffered>
+ <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
+ <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
+ </fed:TokenTypesOffered>
+ <fed:ClaimTypesOffered>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
+ <auth:DisplayName>E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
+ <auth:DisplayName>Given Name</auth:DisplayName>
+ <auth:Description>The given name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
+ <auth:DisplayName>Name</auth:DisplayName>
+ <auth:Description>The unique name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
+ <auth:DisplayName>UPN</auth:DisplayName>
+ <auth:Description>The user principal name (UPN) of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
+ <auth:DisplayName>Common Name</auth:DisplayName>
+ <auth:Description>The common name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
+ <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
+ <auth:DisplayName>Group</auth:DisplayName>
+ <auth:Description>A group that the user is a member of</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
+ <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+ <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
+ <auth:DisplayName>Role</auth:DisplayName>
+ <auth:Description>A role that the user has</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
+ <auth:DisplayName>Surname</auth:DisplayName>
+ <auth:Description>The surname of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
+ <auth:DisplayName>PPID</auth:DisplayName>
+ <auth:Description>The private identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
+ <auth:DisplayName>Name ID</auth:DisplayName>
+ <auth:Description>The SAML name identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
+ <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+ <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
+ <auth:DisplayName>Authentication method</auth:DisplayName>
+ <auth:Description>The method used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
+ <auth:DisplayName>Deny only group SID</auth:DisplayName>
+ <auth:Description>The deny-only group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
+ <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+ <auth:Description>The deny-only primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
+ <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+ <auth:Description>The deny-only primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
+ <auth:DisplayName>Group SID</auth:DisplayName>
+ <auth:Description>The group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
+ <auth:DisplayName>Primary group SID</auth:DisplayName>
+ <auth:Description>The primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
+ <auth:DisplayName>Primary SID</auth:DisplayName>
+ <auth:Description>The primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
+ <auth:DisplayName>Windows account name</auth:DisplayName>
+ <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
+ <auth:DisplayName>Is Registered User</auth:DisplayName>
+ <auth:Description>User is registered to use this device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
+ <auth:DisplayName>Device Identifier</auth:DisplayName>
+ <auth:Description>Identifier of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
+ <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
+ <auth:Description>Identifier for Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
+ <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
+ <auth:Description>Display name of Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
+ <auth:DisplayName>Device OS type</auth:DisplayName>
+ <auth:Description>OS type of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
+ <auth:DisplayName>Device OS Version</auth:DisplayName>
+ <auth:Description>OS version of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
+ <auth:DisplayName>Is Managed Device</auth:DisplayName>
+ <auth:Description>Device is managed by a management service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
+ <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
+ <auth:Description>IP address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
+ <auth:DisplayName>Client Application</auth:DisplayName>
+ <auth:Description>Type of the Client Application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
+ <auth:DisplayName>Client User Agent</auth:DisplayName>
+ <auth:Description>Device type the client is using to access the application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
+ <auth:DisplayName>Client IP</auth:DisplayName>
+ <auth:Description>IP address of the client</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
+ <auth:DisplayName>Endpoint Path</auth:DisplayName>
+ <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
+ <auth:DisplayName>Proxy</auth:DisplayName>
+ <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
+ <auth:DisplayName>Application Identifier</auth:DisplayName>
+ <auth:Description>Identifier for the Relying Party</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
+ <auth:DisplayName>Application policies</auth:DisplayName>
+ <auth:Description>Application policies of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
+ <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
+ <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
+ <auth:DisplayName>Basic Constraint</auth:DisplayName>
+ <auth:Description>One of the basic constraints of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
+ <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
+ <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
+ <auth:DisplayName>Issuer</auth:DisplayName>
+ <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
+ <auth:DisplayName>Issuer Name</auth:DisplayName>
+ <auth:Description>The distinguished name of the certificate issuer</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
+ <auth:DisplayName>Key Usage</auth:DisplayName>
+ <auth:Description>One of the key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
+ <auth:DisplayName>Not After</auth:DisplayName>
+ <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
+ <auth:DisplayName>Not Before</auth:DisplayName>
+ <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
+ <auth:DisplayName>Certificate Policies</auth:DisplayName>
+ <auth:Description>The policies under which the certificate has been issued</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
+ <auth:DisplayName>Public Key</auth:DisplayName>
+ <auth:Description>Public Key of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
+ <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
+ <auth:Description>The raw data of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
+ <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
+ <auth:Description>One of the alternative names of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
+ <auth:DisplayName>Serial Number</auth:DisplayName>
+ <auth:Description>The serial number of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
+ <auth:DisplayName>Signature Algorithm</auth:DisplayName>
+ <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
+ <auth:DisplayName>Subject</auth:DisplayName>
+ <auth:Description>The subject from the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
+ <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
+ <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
+ <auth:DisplayName>Subject Name</auth:DisplayName>
+ <auth:Description>The subject distinguished name from a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
+ <auth:DisplayName>V2 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
+ <auth:DisplayName>V1 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
+ <auth:DisplayName>Thumbprint</auth:DisplayName>
+ <auth:Description>Thumbprint of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
+ <auth:DisplayName>X.509 Version</auth:DisplayName>
+ <auth:Description>The X.509 format version of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
+ <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
+ <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
+ <auth:DisplayName>Password Expiration Time</auth:DisplayName>
+ <auth:Description>Used to display the time when the password expires</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
+ <auth:DisplayName>Password Expiration Days</auth:DisplayName>
+ <auth:Description>Used to display the number of days to password expiry</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
+ <auth:DisplayName>Update Password URL</auth:DisplayName>
+ <auth:Description>Used to display the web address of update password service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
+ <auth:DisplayName>Authentication Methods References</auth:DisplayName>
+ <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
+ <auth:DisplayName>Client Request ID</auth:DisplayName>
+ <auth:Description>Identifier for a user session</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid" Optional="true">
+ <auth:DisplayName>Alternate Login ID</auth:DisplayName>
+ <auth:Description>Alternate login ID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/eduPersonScopedAffiliation" Optional="true">
+ <auth:DisplayName>eduPersonScopedAffiliation</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/Department" Optional="true">
+ <auth:DisplayName>Department</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/IdentityNumber" Optional="true">
+ <auth:DisplayName>IdentityNumber</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone" Optional="true">
+ <auth:DisplayName>telephoneNumber</auth:DisplayName>
+ <auth:Description>(telephoneNumber in X.500 Person) Secondary or work telephone number of a subject. According to X.500(2001): “This attribute type specifies an office/campus telephone number associated with a person.” Attribute values should follow the agreed format for international telephone numbers, e.g. +44 71 123 4567.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/norEduPersonNIN" Optional="true">
+ <auth:DisplayName>norEduPersonNIN</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/eduPersonPrimaryAffiliation" Optional="true">
+ <auth:DisplayName>eduPersonPrimaryAffiliation</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/norEduPersonLIN" Optional="true">
+ <auth:DisplayName>norEduPersonLIN</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://liu.se/claims/extensionAttribute8" Optional="true">
+ <auth:DisplayName>extensionAttribute8</auth:DisplayName>
+ </auth:ClaimType>
+ </fed:ClaimTypesOffered>
+ <fed:SecurityTokenServiceEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/services/trust/2005/certificatemixed</Address>
+ <Metadata>
+ <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <wsx:MetadataReference>
+ <Address xmlns="http://www.w3.org/2005/08/addressing">https://fs.test.ad.liu.se/adfs/services/trust/mex</Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </Metadata>
+ </Metadata>
+ </EndpointReference>
+ </fed:SecurityTokenServiceEndpoint>
+ <fed:PassiveRequestorEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://fs.test.ad.liu.se/adfs/ls/</Address>
+ </EndpointReference>
+ </fed:PassiveRequestorEndpoint>
+ </RoleDescriptor>
+ <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIFUzCCBDugAwIBAgIQBrwqNmxAo59beehrk0v2iDANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzAxMTEwMDAwMDBaFw0yMDAxMTYxMjAwMDBaMIGRMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOw5ZzdGVyZ8O2dGxhbmQxEzARBgNVBAcMCkxpbmvDtnBpbmcxIDAeBgNVBAoMF0xpbmvDtnBpbmdzIHVuaXZlcnNpdGV0MQ8wDQYDVQQLEwZMaVUtSVQxITAfBgNVBAMTGGZzZGVjcnlwdC50ZXN0LmFkLmxpdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5HdRwreoPqeue6i43Oe1rQK59k3Ln23npqLOH1FmQJMS+L7sl3crsj2Ch9hUnYptXenbEa0mKaXf3zaUwrDa5skQZLpuVOULdw81/xNUFCqHJWbYL72699pN/3PauGQBE0R1wUu+SwtJ5gISpK9/qjY6XVIT51cfxudowgrnpyj8gqci/M43j1dakk0MesqC20AB4pfu+AmjsvcfIVZ+TLoaZy7VyV8NF/AywivdS73eJ8Xsanu3w3Xtvf7uyhTqudp5dZBgo7Ep4v7mLqja4dEaOWjnb5pQhI48DNkw0emBJ4l7ZN94BLIOI/aEsdRsRHBBzrvTdkiWB7seylHL0CAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFGf9iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBROjVmiFgVr649sDBsDiczPybJWEDAjBgNVHREEHDAaghhmc2RlY3J5cHQudGVzdC5hZC5saXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADAACheuXdPONwqcxLP6GoNWa0RZaIEGX+1hNyo+wY/nZ4l+Zn5JJbVa3iA8bjIlWK78NrcVY0dEoZbUl7m8LXPU+P8CTNKkmuv0i1hxx3M7cdnttj4GfAPw5B67N+6DwuoFiqjfTUkCvsdmg0v4GQkkn98MrEJuqTvGKEDnhphUHgywS/CQ5m/dhz0EyXyLFcWBK53dih28ub8qbl6H4k531237CjEe7KgQPJYp+l+NLGL5/YRDbu88hnDezeu8xhAsddoDdAozHWsQA7czZ7hufB1TRWwLyhzyRsBm/XeomkdTXH3BrgND9iMraUrlDlwlsr3I/Mgk9cLxaDaImx4=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIFUzCCBDugAwIBAgIQBzuoMX0xjHaf6wArG8vdqjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzAxMTEwMDAwMDBaFw0yMDAxMTYxMjAwMDBaMIGRMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOw5ZzdGVyZ8O2dGxhbmQxEzARBgNVBAcMCkxpbmvDtnBpbmcxIDAeBgNVBAoMF0xpbmvDtnBpbmdzIHVuaXZlcnNpdGV0MQ8wDQYDVQQLEwZMaVUtSVQxITAfBgNVBAMTGGZzc2lnbmluZy50ZXN0LmFkLmxpdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALwrweqNxDnIm4+yoRJkUDEWf13YCxSLQ0tbnkDkGNCF9Y5nWFSjHlAqFVG3iYebLI0TSaeFDpty4NFi2vmNi+gvRdQ0KIUcOC4ymu1KPN+6O5R4LaDBrOCtQ0pnoJa5BitOGMdA0UHmpuN2uoSgFQMizwhW3FswJAgcEpemZcqbMb0S/Tf0VHQHgsiX2KpiOxF5RhQ1qjz/Jc7F52lHQrceeLqbYC2jxKYNcfJ7UkTbYBA9QnkZxFKTLjgwGj3zfE4AHflFmVbQrrDzkVpOKj2GtTnNE5Nc91CboxV8aJpFcfOLJlOYgYfi0c9UgQJyr+vzFnGddsJG0hGwZxb4kfcCAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFGf9iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBR62VEsMVgmMYFGBD8dbSGoZOVFaTAjBgNVHREEHDAaghhmc3NpZ25pbmcudGVzdC5hZC5saXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAHTy++Ov5ElGuiPdxcliIfjvWPiAWSCivCq1snZ9baLDYgkyg4Z0tZoF2a6lc5yTowXcggeoI+Z/KhI/RN2VuW+acNtyu2Zv+wQFcVHeZYy4rdIBzuxuLVJsGsnJXm2rxLNnDsTe+Q+gkgcMZMYaYKitDepHFLGvEN3uQTo7zbFf9qaZKjiZnFCr7KB1ShRlunU3QM6HcVLqADvDMX8zvY8iSDJffHI3c++Y50fd3o50QQxJ0XAYVJk04khDccGIYtpEG4g3wbszSowjjArJemauuSILxmWBz/yMpqwIYPgj8yDAdaDqqhSYDYon04f4hdTE9yKwH5DEwBLrPtd+u8o=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fs.test.ad.liu.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fs.test.ad.liu.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fs.test.ad.liu.se/adfs/ls/" index="0" isDefault="true"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fs.test.ad.liu.se/adfs/ls/" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fs.test.ad.liu.se/adfs/ls/" index="2"/>
+ </SPSSODescriptor>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">SWAMID Operations</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">SWAMID Operations</mdui:DisplayName>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIFUzCCBDugAwIBAgIQBrwqNmxAo59beehrk0v2iDANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzAxMTEwMDAwMDBaFw0yMDAxMTYxMjAwMDBaMIGRMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOw5ZzdGVyZ8O2dGxhbmQxEzARBgNVBAcMCkxpbmvDtnBpbmcxIDAeBgNVBAoMF0xpbmvDtnBpbmdzIHVuaXZlcnNpdGV0MQ8wDQYDVQQLEwZMaVUtSVQxITAfBgNVBAMTGGZzZGVjcnlwdC50ZXN0LmFkLmxpdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5HdRwreoPqeue6i43Oe1rQK59k3Ln23npqLOH1FmQJMS+L7sl3crsj2Ch9hUnYptXenbEa0mKaXf3zaUwrDa5skQZLpuVOULdw81/xNUFCqHJWbYL72699pN/3PauGQBE0R1wUu+SwtJ5gISpK9/qjY6XVIT51cfxudowgrnpyj8gqci/M43j1dakk0MesqC20AB4pfu+AmjsvcfIVZ+TLoaZy7VyV8NF/AywivdS73eJ8Xsanu3w3Xtvf7uyhTqudp5dZBgo7Ep4v7mLqja4dEaOWjnb5pQhI48DNkw0emBJ4l7ZN94BLIOI/aEsdRsRHBBzrvTdkiWB7seylHL0CAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFGf9iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBROjVmiFgVr649sDBsDiczPybJWEDAjBgNVHREEHDAaghhmc2RlY3J5cHQudGVzdC5hZC5saXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBADAACheuXdPONwqcxLP6GoNWa0RZaIEGX+1hNyo+wY/nZ4l+Zn5JJbVa3iA8bjIlWK78NrcVY0dEoZbUl7m8LXPU+P8CTNKkmuv0i1hxx3M7cdnttj4GfAPw5B67N+6DwuoFiqjfTUkCvsdmg0v4GQkkn98MrEJuqTvGKEDnhphUHgywS/CQ5m/dhz0EyXyLFcWBK53dih28ub8qbl6H4k531237CjEe7KgQPJYp+l+NLGL5/YRDbu88hnDezeu8xhAsddoDdAozHWsQA7czZ7hufB1TRWwLyhzyRsBm/XeomkdTXH3BrgND9iMraUrlDlwlsr3I/Mgk9cLxaDaImx4=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIFUzCCBDugAwIBAgIQBzuoMX0xjHaf6wArG8vdqjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzAeFw0xNzAxMTEwMDAwMDBaFw0yMDAxMTYxMjAwMDBaMIGRMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOw5ZzdGVyZ8O2dGxhbmQxEzARBgNVBAcMCkxpbmvDtnBpbmcxIDAeBgNVBAoMF0xpbmvDtnBpbmdzIHVuaXZlcnNpdGV0MQ8wDQYDVQQLEwZMaVUtSVQxITAfBgNVBAMTGGZzc2lnbmluZy50ZXN0LmFkLmxpdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALwrweqNxDnIm4+yoRJkUDEWf13YCxSLQ0tbnkDkGNCF9Y5nWFSjHlAqFVG3iYebLI0TSaeFDpty4NFi2vmNi+gvRdQ0KIUcOC4ymu1KPN+6O5R4LaDBrOCtQ0pnoJa5BitOGMdA0UHmpuN2uoSgFQMizwhW3FswJAgcEpemZcqbMb0S/Tf0VHQHgsiX2KpiOxF5RhQ1qjz/Jc7F52lHQrceeLqbYC2jxKYNcfJ7UkTbYBA9QnkZxFKTLjgwGj3zfE4AHflFmVbQrrDzkVpOKj2GtTnNE5Nc91CboxV8aJpFcfOLJlOYgYfi0c9UgQJyr+vzFnGddsJG0hGwZxb4kfcCAwEAAaOCAdEwggHNMB8GA1UdIwQYMBaAFGf9iCAUJ5jHCdIlGbvpURFjdVBiMB0GA1UdDgQWBBR62VEsMVgmMYFGBD8dbSGoZOVFaTAjBgNVHREEHDAaghhmc3NpZ25pbmcudGVzdC5hZC5saXUuc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BU1NMQ0EzLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL1RFUkVOQVNTTENBMy5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwbgYIKwYBBQUHAQEEYjBgMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9URVJFTkFTU0xDQTMuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAHTy++Ov5ElGuiPdxcliIfjvWPiAWSCivCq1snZ9baLDYgkyg4Z0tZoF2a6lc5yTowXcggeoI+Z/KhI/RN2VuW+acNtyu2Zv+wQFcVHeZYy4rdIBzuxuLVJsGsnJXm2rxLNnDsTe+Q+gkgcMZMYaYKitDepHFLGvEN3uQTo7zbFf9qaZKjiZnFCr7KB1ShRlunU3QM6HcVLqADvDMX8zvY8iSDJffHI3c++Y50fd3o50QQxJ0XAYVJk04khDccGIYtpEG4g3wbszSowjjArJemauuSILxmWBz/yMpqwIYPgj8yDAdaDqqhSYDYon04f4hdTE9yKwH5DEwBLrPtd+u8o=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://fs.test.ad.liu.se/adfs/services/trust/artifactresolution" index="0"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fs.test.ad.liu.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fs.test.ad.liu.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fs.test.ad.liu.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fs.test.ad.liu.se/adfs/ls/"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/Department" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Department"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/IdentityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="IdentityNumber"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="telephoneNumber"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/eduPersonPrimaryAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrimaryAffiliation"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/norEduPersonLIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonLIN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/extensionAttribute8" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="extensionAttribute8"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="sv">SWAMID Operations</OrganizationName>
+ <OrganizationName xml:lang="en">SWAMID Operations</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">SWAMID Operations</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">SWAMID Operations</OrganizationDisplayName>
+ <OrganizationURL xml:lang="sv">http://www.example.com/</OrganizationURL>
+ </Organization>
+</EntityDescriptor>
diff --git a/swamid-2.0/hbidp.hb.se-idp-shibboleth.xml b/swamid-2.0/hbidp.hb.se-idp-shibboleth.xml
index ed05fb1f..363b70e2 100644
--- a/swamid-2.0/hbidp.hb.se-idp-shibboleth.xml
+++ b/swamid-2.0/hbidp.hb.se-idp-shibboleth.xml
@@ -1,11 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://hbidp.hb.se/idp/shibboleth">
+ <Extensions>
+ <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+ </saml:Attribute>
+ </attr:EntityAttributes>
+ </Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">hb.se</shibmd:Scope>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Högskolan i Borås</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">University of Borås</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Högskolan i Borås - Old</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">University of Borås - Old</mdui:DisplayName>
<mdui:Description xml:lang="sv">Identity Provider för anställda och studenter vid Högskolan i Borås.</mdui:Description>
<mdui:Description xml:lang="en">Identity Provider for employees and students at Borås University.</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.hb.se/Om-hogskolan/</mdui:InformationURL>
@@ -129,8 +136,8 @@ NtlzTU8oxWfErMa+Y2BMXWIALruQgeQrFxbO/k4RoPBHRvCul0uUsxak1IFtfT0x
</AttributeAuthorityDescriptor>
<Organization>
<OrganizationName xml:lang="en">HB</OrganizationName>
- <OrganizationDisplayName xml:lang="sv">Högskolan i Borås</OrganizationDisplayName>
- <OrganizationDisplayName xml:lang="en">University of Borås</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="sv">Högskolan i Borås - Old</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">University of Borås - Old</OrganizationDisplayName>
<OrganizationURL xml:lang="en">http://www.hb.se</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
diff --git a/swamid-2.0/idp.hb.se-idp-shibboleth.xml b/swamid-2.0/idp.hb.se-idp-shibboleth.xml
index e62183c9..5454bc56 100644
--- a/swamid-2.0/idp.hb.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.hb.se-idp-shibboleth.xml
@@ -4,8 +4,8 @@
<Extensions>
<shibmd:Scope regexp="false">hb.se</shibmd:Scope>
<mdui:UIInfo>
- <mdui:DisplayName xml:lang="sv">Högskolan i Borås - Test</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">University of Borås - Test</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Högskolan i Borås</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">University of Borås</mdui:DisplayName>
<mdui:Description xml:lang="sv">Identity Provider för anställda och studenter vid Högskolan i Borås.</mdui:Description>
<mdui:Description xml:lang="en">Identity Provider for employees and students at Borås University.</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.hb.se/Om-hogskolan/</mdui:InformationURL>
@@ -208,8 +208,8 @@ hdayeb3tw8qRMHjEVgFSXDHRlA==
</AttributeAuthorityDescriptor>
<Organization>
<OrganizationName xml:lang="en">HB</OrganizationName>
- <OrganizationDisplayName xml:lang="sv">Högskolan i Borås - Test</OrganizationDisplayName>
- <OrganizationDisplayName xml:lang="en">University of Borås - Test</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="sv">Högskolan i Borås</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">University of Borås</OrganizationDisplayName>
<OrganizationURL xml:lang="en">http://www.hb.se</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
diff --git a/swamid-2.0/idp.hv.se-idp-shibboleth.xml b/swamid-2.0/idp.hv.se-idp-shibboleth.xml
index ed54accf..d0e32328 100644
--- a/swamid-2.0/idp.hv.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.hv.se-idp-shibboleth.xml
@@ -1,18 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp.hv.se/idp/shibboleth">
- <Extensions>
- <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
- <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
- </saml:Attribute>
- </attr:EntityAttributes>
- </Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope regexp="false">hv.se</shibmd:Scope>
<mdui:UIInfo>
- <mdui:DisplayName xml:lang="sv">Högskolan Väst ny</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">University West new</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Högskolan Väst</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">University West</mdui:DisplayName>
<mdui:Description xml:lang="sv">Identity Provider för Högskolan Väst</mdui:Description>
<mdui:Description xml:lang="en">Identity Provider for University West</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.hv.se</mdui:InformationURL>
@@ -199,8 +192,8 @@ UPUl28rgefbQLT1QQewXqiTPqg==
<Organization>
<OrganizationName xml:lang="sv">HV</OrganizationName>
<OrganizationName xml:lang="en">HV</OrganizationName>
- <OrganizationDisplayName xml:lang="sv">Högskolan Väst ny</OrganizationDisplayName>
- <OrganizationDisplayName xml:lang="en">University West new</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="sv">Högskolan Väst</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">University West</OrganizationDisplayName>
<OrganizationURL xml:lang="sv">http://www.hv.se</OrganizationURL>
<OrganizationURL xml:lang="en">http://www.hv.se</OrganizationURL>
</Organization>
diff --git a/swamid-2.0/idp.lnu.se-idp-shibboleth.xml b/swamid-2.0/idp.lnu.se-idp-shibboleth.xml
index cf6e803f..973fc07c 100644
--- a/swamid-2.0/idp.lnu.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.lnu.se-idp-shibboleth.xml
@@ -1,5 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.lnu.se/idp/shibboleth">
+ <Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">lnu.se</shibmd:Scope>
@@ -9,10 +17,10 @@
<mdui:Description xml:lang="sv">Identity Provider för anställda och studenter vid Linnéuniversitetet.</mdui:Description>
<mdui:Description xml:lang="en">The Linnaeus University Identity Provider is used by employees and students at the university.</mdui:Description>
<mdui:InformationURL xml:lang="sv">https://lnu.se/</mdui:InformationURL>
- <mdui:InformationURL xml:lang="en">https://lnu.se/?l=en</mdui:InformationURL>
- <mdui:Logo height="55" width="361">https://idp.qa.lnu.se/logo_swamid.png</mdui:Logo>
- <mdui:Logo xml:lang="sv" height="55" width="361">https://idp.qa.lnu.se/logo_swamid.png</mdui:Logo>
- <mdui:Logo xml:lang="en" height="55" width="361">https://idp.qa.lnu.se/logo_swamid.png</mdui:Logo>
+ <mdui:InformationURL xml:lang="en">https://lnu.se/en</mdui:InformationURL>
+ <mdui:Logo height="55" width="361">https://idp.lnu.se/logo_swamid.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="55" width="361">https://idp.lnu.se/logo_swamid.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="55" width="361">https://idp.lnu.se/logo_swamid_en.png</mdui:Logo>
<mdui:Keywords xml:lang="sv">lnu linné linnæus linne linnaeus linneuniversitetet linnaeus+university</mdui:Keywords>
<mdui:Keywords xml:lang="en">lnu linné linnæus linne linnaeus linneuniversitetet linnaeus+university</mdui:Keywords>
</mdui:UIInfo>
diff --git a/swamid-2.0/idp.mdh.se-idp-shibboleth.xml b/swamid-2.0/idp.mdh.se-idp-shibboleth.xml
index f831711e..6a4a63df 100644
--- a/swamid-2.0/idp.mdh.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.mdh.se-idp-shibboleth.xml
@@ -1,12 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp.mdh.se/idp/shibboleth">
- <Extensions>
- <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
- <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
- </saml:Attribute>
- </attr:EntityAttributes>
- </Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope regexp="false">mdh.se</shibmd:Scope>
diff --git a/swamid-2.0/idp2.hv.se-idp-shibboleth.xml b/swamid-2.0/idp2.hv.se-idp-shibboleth.xml
index 6e1227d3..aee524e7 100644
--- a/swamid-2.0/idp2.hv.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp2.hv.se-idp-shibboleth.xml
@@ -1,11 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp2.hv.se/idp/shibboleth">
+ <Extensions>
+ <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+ </saml:Attribute>
+ </attr:EntityAttributes>
+ </Extensions>
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false">hv.se</shibmd:Scope>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Högskolan Väst</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">University West</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Högskolan Väst gammal</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">University West old</mdui:DisplayName>
<mdui:Description xml:lang="sv">Identity Provider för Högskolan Väst</mdui:Description>
<mdui:Description xml:lang="en">Identity Provider for University West</mdui:Description>
<mdui:InformationURL xml:lang="sv">http://www.hv.se</mdui:InformationURL>
@@ -100,8 +107,8 @@ aRQKNbVQdPN5ht6TrINjDQ==
<Organization>
<OrganizationName xml:lang="sv">HV</OrganizationName>
<OrganizationName xml:lang="en">HV</OrganizationName>
- <OrganizationDisplayName xml:lang="sv">Högskolan Väst</OrganizationDisplayName>
- <OrganizationDisplayName xml:lang="en">University West</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="sv">Högskolan Väst gammal</OrganizationDisplayName>
+ <OrganizationDisplayName xml:lang="en">University West old</OrganizationDisplayName>
<OrganizationURL xml:lang="sv">http://www.hv.se</OrganizationURL>
<OrganizationURL xml:lang="en">http://www.hv.se</OrganizationURL>
</Organization>
diff --git a/swamid-2.0/ilearn.dsv.su.se-shibboleth.xml b/swamid-2.0/ilearn.dsv.su.se-shibboleth.xml
deleted file mode 100644
index 4bfc76d3..00000000
--- a/swamid-2.0/ilearn.dsv.su.se-shibboleth.xml
+++ /dev/null
@@ -1,77 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ilearn.dsv.su.se/shibboleth">
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>pan.dsv.su.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=pan.dsv.su.se</ds:X509SubjectName>
- <ds:X509IssuerSerial>
- <ds:X509IssuerName>CN=pan.dsv.su.se</ds:X509IssuerName>
- <ds:X509SerialNumber>13417180552340548855</ds:X509SerialNumber>
- </ds:X509IssuerSerial>
- <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJALozZqAFiaz3MA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
-BAMTDXBhbi5kc3Yuc3Uuc2UwHhcNMTAwNjA0MDgwMDUzWhcNMjAwNjAxMDgwMDUz
-WjAYMRYwFAYDVQQDEw1wYW4uZHN2LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAv0jTLfuWDkerKBwzpSnFgaA5hwn4/HqbRlPFpS2uuCLGf4V+
-fuVNPITYSNQNRgtguX2jicL9H7epbVal5H8EqV1lnvhfBrtyc6VjYZmPGPg4mZKL
-tTdjXbFh+Ox7GAlv1VlddDCzt21Dpwcd/XwYLLiOl9rrrOfw7XdI3VTUvruqddid
-Ti9BB3Cz0H7dAXC0Ov3yHtTwxha7LYnfgU9IKpwLbatAnkb+cLqpR4p6s2oQdifs
-xB3qvamwfeJCgON/YLlMs39flPWBAj3S6IZf+Yoj8eJTcMl6vg7fwzJq57k9PytH
-zcp8RlmkhKnEsBhQzlMdaCgLGwdh+hz9DTeb8wIDAQABozswOTAYBgNVHREEETAP
-gg1wYW4uZHN2LnN1LnNlMB0GA1UdDgQWBBQnmOAsunBuQ8CYD5q2lBGvcS3F+TAN
-BgkqhkiG9w0BAQUFAAOCAQEAQ930qHYaweXcDHv0S83I6EPkSUztAhVh1uIUEbaQ
-a9ArOWNkw57SZgZnizzObYAB01RKVW/jLcvdLHaaZVWjrQr8Xfg/Z8D9cqPed9oc
-PcabZ3dJCvMWKa8x/HWcuGPngPfJs/qj0ISRPNjUTijKNrqSu7SzPC+ai05nYzv1
-UBxxfbelEckoB4Dow/dp0LQlNY3xmW/EYi/LEBGyHbflfqyOPzlVtbPH27SgGCYk
-OcpK5+wCC4cqL9AEJyAIhV+B5/BdGMcrFA7xaGxzO6fOM/9Ggkm3cXNm0TpVe/pG
-TBh7fImpEOudLS4QjaA5rtWj2ytVmBe/91pCYVUjqef5JA==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>pan.dsv.su.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=pan.dsv.su.se</ds:X509SubjectName>
- <ds:X509IssuerSerial>
- <ds:X509IssuerName>CN=pan.dsv.su.se</ds:X509IssuerName>
- <ds:X509SerialNumber>13417180552340548855</ds:X509SerialNumber>
- </ds:X509IssuerSerial>
- <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJALozZqAFiaz3MA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
-BAMTDXBhbi5kc3Yuc3Uuc2UwHhcNMTAwNjA0MDgwMDUzWhcNMjAwNjAxMDgwMDUz
-WjAYMRYwFAYDVQQDEw1wYW4uZHN2LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAv0jTLfuWDkerKBwzpSnFgaA5hwn4/HqbRlPFpS2uuCLGf4V+
-fuVNPITYSNQNRgtguX2jicL9H7epbVal5H8EqV1lnvhfBrtyc6VjYZmPGPg4mZKL
-tTdjXbFh+Ox7GAlv1VlddDCzt21Dpwcd/XwYLLiOl9rrrOfw7XdI3VTUvruqddid
-Ti9BB3Cz0H7dAXC0Ov3yHtTwxha7LYnfgU9IKpwLbatAnkb+cLqpR4p6s2oQdifs
-xB3qvamwfeJCgON/YLlMs39flPWBAj3S6IZf+Yoj8eJTcMl6vg7fwzJq57k9PytH
-zcp8RlmkhKnEsBhQzlMdaCgLGwdh+hz9DTeb8wIDAQABozswOTAYBgNVHREEETAP
-gg1wYW4uZHN2LnN1LnNlMB0GA1UdDgQWBBQnmOAsunBuQ8CYD5q2lBGvcS3F+TAN
-BgkqhkiG9w0BAQUFAAOCAQEAQ930qHYaweXcDHv0S83I6EPkSUztAhVh1uIUEbaQ
-a9ArOWNkw57SZgZnizzObYAB01RKVW/jLcvdLHaaZVWjrQr8Xfg/Z8D9cqPed9oc
-PcabZ3dJCvMWKa8x/HWcuGPngPfJs/qj0ISRPNjUTijKNrqSu7SzPC+ai05nYzv1
-UBxxfbelEckoB4Dow/dp0LQlNY3xmW/EYi/LEBGyHbflfqyOPzlVtbPH27SgGCYk
-OcpK5+wCC4cqL9AEJyAIhV+B5/BdGMcrFA7xaGxzO6fOM/9Ggkm3cXNm0TpVe/pG
-TBh7fImpEOudLS4QjaA5rtWj2ytVmBe/91pCYVUjqef5JA==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/Artifact"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/SOAP"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/Redirect"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/POST"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- </md:SPSSODescriptor>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/indico.uu.se-shibboleth.xml b/swamid-2.0/indico.uu.se-shibboleth.xml
index c4b1f617..5226b6d3 100644
--- a/swamid-2.0/indico.uu.se-shibboleth.xml
+++ b/swamid-2.0/indico.uu.se-shibboleth.xml
@@ -22,6 +22,7 @@
<samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
<samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
<samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
@@ -34,7 +35,11 @@
<mdui:DisplayName xml:lang="en">Indico</mdui:DisplayName>
<mdui:Description xml:lang="sv">Indico är ett evenemangshanteringssystem för möten, konferenser och föreläsningar.</mdui:Description>
<mdui:Description xml:lang="en">Indico is an event management system for meetings, conferences and lectures.</mdui:Description>
- <mdui:Logo height="52" width="196">https://indico.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="52" width="196">https://indico.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="52" width="196">https://indico.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:InformationURL xml:lang="en">https://indico.uu.se/about</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://indico.uu.se/static/custom/privacy-policy-en</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://indico.uu.se/static/custom/privacy-policy-sv</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
@@ -101,4 +106,9 @@ S8+ySBPOBAlDD/+hnhDiWa82S9gWdmu9m9eFNZhK65BrqXq6ogD9wpznTB/+AbQ=
<md:SurName>Wiberg</md:SurName>
<md:EmailAddress>mailto:bjorn.wiberg@uadm.uu.se</md:EmailAddress>
</md:ContactPerson>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Björn</md:GivenName>
+ <md:SurName>Wiberg</md:SurName>
+ <md:EmailAddress>mailto:bjorn.wiberg@uadm.uu.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/juridicum.blackboard.com-auth-saml-saml-SSO.xml b/swamid-2.0/juridicum.blackboard.com-auth-saml-saml-SSO.xml
new file mode 100644
index 00000000..26a8528e
--- /dev/null
+++ b/swamid-2.0/juridicum.blackboard.com-auth-saml-saml-SSO.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://juridicum.blackboard.com/auth-saml/saml/SSO">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/category/research-and-education</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</saml:AttributeValue>
+ </saml:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <idpdisco:DiscoveryResponse xmlns:idpdisco="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://juridicum.blackboard.com/auth-saml/saml/login?disco=true" index="1"/>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">Juridiska fakultetens läroplattform</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">Learning management system for the Faculty of Law</mdui:DisplayName>
+ <mdui:Description xml:lang="en">Juridiska fakultetens läroplattform</mdui:Description>
+ <mdui:Description xml:lang="sv">Juridiska fakultetens läroplattform</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIICrTCCAZWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9CbGFja2JvYXJkIFNB
+TUwwHhcNMTcwNTMxMTQwNzIyWhcNMjcwNTMxMTQwNzIyWjAaMRgwFgYDVQQDEw9CbGFja2JvYXJk
+IFNBTUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVuC7Xp2wi/98w0yyaA1OaJeoB
+Nn94jYZVlz6713LE/rnFBZZltkYpCJuMId75a7oplJsFTEFYC8jpXOeQ0G31lsyx6RvdoGiVVg+/
+/WUeixjU69I8pwhaGQIr4gEgmU8FWyvGaK0O/LpRw/OdvrGeDi/xTkVPD2mlpOuBX8SHJOlN0oKs
+156F/Zi9IT1TYVWK584yO6951CqLcI2t5U9MAseJNXmOywMrEw9Z1ecZncosjT35jZyLWCzUtXz2
+/y1NpKqcxqYvN6TDsl7VFGadJEIX6lQv8sEhjek5AaVkFxi5UHBpu1PmtuL3umPAW0Nj9M6peE1s
+aBb02VV8gDLFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACIbJPspFmNmUUCStIc4+zisnoeEHY5W
+9VojrugTF8sxa+b3CQG3lXUE8noaZXrDhqZ6m744rp14Hd1z/RufQ4EXZiy01EozIy5N74KDL9VA
+Ql60gANUbdBJS8xIdNe87hJQW/5zsBGPcpc3Sl8YnRhw1q1hx9of1NVKhjetWK846FJyG+ikKaY1
+UNnvJmUo4l69EduSLCWCi6GzCy56BC/E2g+utifY4RDiRhfFr1myMK2Xn0iiFZnUo4Q2Iseb6DpD
+0TeAvrYx85tPLHLWxaBBE/zum3Sw37DTOejigTjgWjm5lVYcsGS93L3XTiOBZSDzOh7ZtVnn/o+t
+PTppbqE=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIICrTCCAZWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9CbGFja2JvYXJkIFNB
+TUwwHhcNMTcwNTMxMTQwNzIyWhcNMjcwNTMxMTQwNzIyWjAaMRgwFgYDVQQDEw9CbGFja2JvYXJk
+IFNBTUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVuC7Xp2wi/98w0yyaA1OaJeoB
+Nn94jYZVlz6713LE/rnFBZZltkYpCJuMId75a7oplJsFTEFYC8jpXOeQ0G31lsyx6RvdoGiVVg+/
+/WUeixjU69I8pwhaGQIr4gEgmU8FWyvGaK0O/LpRw/OdvrGeDi/xTkVPD2mlpOuBX8SHJOlN0oKs
+156F/Zi9IT1TYVWK584yO6951CqLcI2t5U9MAseJNXmOywMrEw9Z1ecZncosjT35jZyLWCzUtXz2
+/y1NpKqcxqYvN6TDsl7VFGadJEIX6lQv8sEhjek5AaVkFxi5UHBpu1PmtuL3umPAW0Nj9M6peE1s
+aBb02VV8gDLFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACIbJPspFmNmUUCStIc4+zisnoeEHY5W
+9VojrugTF8sxa+b3CQG3lXUE8noaZXrDhqZ6m744rp14Hd1z/RufQ4EXZiy01EozIy5N74KDL9VA
+Ql60gANUbdBJS8xIdNe87hJQW/5zsBGPcpc3Sl8YnRhw1q1hx9of1NVKhjetWK846FJyG+ikKaY1
+UNnvJmUo4l69EduSLCWCi6GzCy56BC/E2g+utifY4RDiRhfFr1myMK2Xn0iiFZnUo4Q2Iseb6DpD
+0TeAvrYx85tPLHLWxaBBE/zum3Sw37DTOejigTjgWjm5lVYcsGS93L3XTiOBZSDzOh7ZtVnn/o+t
+PTppbqE=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://juridicum.blackboard.com/auth-saml/saml/SingleLogout"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://juridicum.blackboard.com/auth-saml/saml/SingleLogout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://juridicum.blackboard.com/auth-saml/saml/SSO" index="0" isDefault="true"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://juridicum.blackboard.com/auth-saml/saml/SSO" index="1"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">LU</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="sv">Lunds universitet</md:OrganizationDisplayName>
+ <md:OrganizationDisplayName xml:lang="en">Lund University</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.lu.se/</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="administrative">
+ <md:Company>Lund University</md:Company>
+ <md:SurName>Stefan Bengtsson</md:SurName>
+ <md:EmailAddress>mailto:stefan.bengtsson@jur.lu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="technical">
+ <md:Company>Lund University</md:Company>
+ <md:SurName>Stefan Bengtsson</md:SurName>
+ <md:EmailAddress>mailto:stefan.bengtsson@jur.lu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="support">
+ <md:Company>Lund University</md:Company>
+ <md:SurName>Stefan Bengtsson</md:SurName>
+ <md:EmailAddress>mailto:stefan.bengtsson@jur.lu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/login.du.se-idp-shibboleth.xml b/swamid-2.0/login.du.se-idp-shibboleth.xml
index 2871d85d..83ba9043 100644
--- a/swamid-2.0/login.du.se-idp-shibboleth.xml
+++ b/swamid-2.0/login.du.se-idp-shibboleth.xml
@@ -4,6 +4,7 @@
<attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue>
</saml:Attribute>
</attr:EntityAttributes>
</Extensions>
diff --git a/swamid-2.0/login.it.liu.se-idp-shibboleth.xml b/swamid-2.0/login.it.liu.se-idp-shibboleth.xml
index 51174d9a..0a75155e 100644
--- a/swamid-2.0/login.it.liu.se-idp-shibboleth.xml
+++ b/swamid-2.0/login.it.liu.se-idp-shibboleth.xml
@@ -2,6 +2,10 @@
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://login.it.liu.se/idp/shibboleth">
<md:Extensions>
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue>
+ </saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
<saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
<saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
diff --git a/swamid-2.0/luvit.ced.lu.se-shibboleth.xml b/swamid-2.0/luvit.ced.lu.se-shibboleth.xml
deleted file mode 100644
index 211ee568..00000000
--- a/swamid-2.0/luvit.ced.lu.se-shibboleth.xml
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://luvit.ced.lu.se/shibboleth">
- <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
- <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
- <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
- <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
- </samla:Attribute>
- </mdattr:EntityAttributes>
- </md:Extensions>
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://luvit.ced.lu.se/Shibboleth.sso/Login-lu"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://luvit.ced.lu.se/Shibboleth.sso/Login-swamid" index="1"/>
- <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Lunds universitet LUVIT</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">Lund University LUVIT</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Miljön är utformad för såväl kursdeltagare som utbildare och administratörer för att kunna skapa, hantera, få tillgång till, administrera och deltaga i nätbaserade kurser eller nätbaserade aktiviteter i blandade kurser.</mdui:Description>
- <mdui:Description xml:lang="en">The environment is created for course participants as well as for educators and administrators in order to create, manage, overview, obtain, administrate and participate in online courses or in online course activities in mixed courses.</mdui:Description>
- </mdui:UIInfo>
- </md:Extensions>
- <md:KeyDescriptor>
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>uwap122.uw.lu.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=uwap122.uw.lu.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJALDUiCW01jNBMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
-BAMTEHV3YXAxMjIudXcubHUuc2UwHhcNMTUwNjEyMDU1ODQ5WhcNMjUwNjA5MDU1
-ODQ5WjAbMRkwFwYDVQQDExB1d2FwMTIyLnV3Lmx1LnNlMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAyIAAztvo5p1DLnAblJ7n2PVyA+zPuriChIeyguRF
-zHXXqWET0CrWeAmIHVS22WYT7cbVlnS0Y+82NOf0tJOaFO5EmTseozQzGHL5Dc4F
-dHFO92oo2YOLimXuuuTS8gCaTcbsFrKoLBcQHXCu8lHyMWE/zoRZJkqxRJCg0Mmu
-55jUaxUG5FSdw0kS5Td1GRALUEBzzvsS+LlLJEM7gK3cHs23qwng7mqiK2d/oSAR
-xzwHeaQqGFEBCKl3S4PHGweV8BdJVOeJzKSC7L7ND3BGWUqXq1j2XA2otRU2MZIc
-iHG0++I4ERw621OfYHduEqK7x9IcQVQWreCNEsTN3qkhFQIDAQABoz4wPDAbBgNV
-HREEFDASghB1d2FwMTIyLnV3Lmx1LnNlMB0GA1UdDgQWBBTuH02zf7l0oxRIzwqK
-RRDjwhC2ojANBgkqhkiG9w0BAQUFAAOCAQEAgiBlVk4LQDwbQ5skBi3tKk7FXK96
-yLiDgA4gR9XqD0Hq/l29Qzhya5mv3FBC9sgtV3ZJC9oH8H/jm4UuURg6iqKL7vmr
-wEGqG95E9xL2p6Jkcpi0CdjyUvkPcULlAKu/IRfRs/E1j/KtzacYEeQ3cDYD1d9F
-XvFIh3QzDURHqWL+ELZXMDSJYfjQe+7jP2w+Vu/TbF39otuREtJmYwcLOBxRvJYk
-6x3/BMwjSRXpDBttsVAClDS+Wm0A5jr5eCg7OoWNzdze74zGQpP4U7tWKZHT5bA4
-OTMXxdAawBca6aO1CpUMAwipgLVKJyNkmxV7+aPSdkp/U466LROEWhraZg==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
- </md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.ced.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.ced.lu.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.ced.lu.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.ced.lu.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.ced.lu.se/Shibboleth.sso/SLO/Artifact"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.ced.lu.se/Shibboleth.sso/NIM/SOAP"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.ced.lu.se/Shibboleth.sso/NIM/Redirect"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.ced.lu.se/Shibboleth.sso/NIM/POST"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.ced.lu.se/Shibboleth.sso/NIM/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.ced.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.ced.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://luvit.ced.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://luvit.ced.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://luvit.ced.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- </md:SPSSODescriptor>
- <md:ContactPerson contactType="technical">
- <md:GivenName>Sidika Basic</md:GivenName>
- <md:EmailAddress>sidika.basic@ced.lu.se</md:EmailAddress>
- </md:ContactPerson>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/luvit.education.lu.se-shibboleth.xml b/swamid-2.0/luvit.education.lu.se-shibboleth.xml
index 05440de2..8a363f79 100644
--- a/swamid-2.0/luvit.education.lu.se-shibboleth.xml
+++ b/swamid-2.0/luvit.education.lu.se-shibboleth.xml
@@ -26,8 +26,8 @@
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
<md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://luvit.education.lu.se/Shibboleth.sso/Login-lu"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://luvit.education.lu.se/Shibboleth.sso/Login-swamid" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://luvit.education.lu.se/Shibboleth.sso/Login-lu"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://luvit.education.lu.se/Shibboleth.sso/Login-swamid" index="1"/>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="sv">Lunds universitet LUVIT</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">Lund University LUVIT</mdui:DisplayName>
@@ -69,23 +69,29 @@ OTMXxdAawBca6aO1CpUMAwipgLVKJyNkmxV7+aPSdkp/U466LROEWhraZg==
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/Artifact"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/SOAP"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/Redirect"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/POST"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://luvit.education.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://luvit.education.lu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://luvit.education.lu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvit.education.lu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvit.education.lu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://luvit.education.lu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://luvit.education.lu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvit.education.lu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvit.education.lu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvit.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvit.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://luvit.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://luvit.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://luvit.education.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="administrative">
+ <md:GivenName>Sidika</md:GivenName>
+ <md:SurName>Basic</md:SurName>
+ <md:EmailAddress>mailto:sidika.basic@ahu.lu.se</md:EmailAddress>
+ </md:ContactPerson>
<md:ContactPerson contactType="technical">
- <md:GivenName>Sidika Basic</md:GivenName>
- <md:EmailAddress>sidika.basic@ced.lu.se</md:EmailAddress>
+ <md:GivenName>Peter</md:GivenName>
+ <md:SurName>Nilsson</md:SurName>
+ <md:EmailAddress>mailto:peter.nilsson@grade.com</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/luvittest.ced.lu.se-shibboleth.xml b/swamid-2.0/luvittest.ced.lu.se-shibboleth.xml
deleted file mode 100644
index 73824107..00000000
--- a/swamid-2.0/luvittest.ced.lu.se-shibboleth.xml
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://luvittest.ced.lu.se/shibboleth">
- <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
- <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
- <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
- <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
- <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
- <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
- </samla:Attribute>
- </mdattr:EntityAttributes>
- </md:Extensions>
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:Extensions>
- <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://luvittest.ced.lu.se/Shibboleth.sso/Login-lu"/>
- <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://luvittest.ced.lu.se/Shibboleth.sso/Login-swamid" index="1"/>
- <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Luvit test</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">Luvit test</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Testinstallation för utbildningsplattformen Luvit</mdui:Description>
- <mdui:Description xml:lang="en">Testinstallation for the e-learning platform Luvit</mdui:Description>
- </mdui:UIInfo>
- </md:Extensions>
- <md:KeyDescriptor>
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>uwap122.uw.lu.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=uwap122.uw.lu.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJALDUiCW01jNBMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
-BAMTEHV3YXAxMjIudXcubHUuc2UwHhcNMTUwNjEyMDU1ODQ5WhcNMjUwNjA5MDU1
-ODQ5WjAbMRkwFwYDVQQDExB1d2FwMTIyLnV3Lmx1LnNlMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAyIAAztvo5p1DLnAblJ7n2PVyA+zPuriChIeyguRF
-zHXXqWET0CrWeAmIHVS22WYT7cbVlnS0Y+82NOf0tJOaFO5EmTseozQzGHL5Dc4F
-dHFO92oo2YOLimXuuuTS8gCaTcbsFrKoLBcQHXCu8lHyMWE/zoRZJkqxRJCg0Mmu
-55jUaxUG5FSdw0kS5Td1GRALUEBzzvsS+LlLJEM7gK3cHs23qwng7mqiK2d/oSAR
-xzwHeaQqGFEBCKl3S4PHGweV8BdJVOeJzKSC7L7ND3BGWUqXq1j2XA2otRU2MZIc
-iHG0++I4ERw621OfYHduEqK7x9IcQVQWreCNEsTN3qkhFQIDAQABoz4wPDAbBgNV
-HREEFDASghB1d2FwMTIyLnV3Lmx1LnNlMB0GA1UdDgQWBBTuH02zf7l0oxRIzwqK
-RRDjwhC2ojANBgkqhkiG9w0BAQUFAAOCAQEAgiBlVk4LQDwbQ5skBi3tKk7FXK96
-yLiDgA4gR9XqD0Hq/l29Qzhya5mv3FBC9sgtV3ZJC9oH8H/jm4UuURg6iqKL7vmr
-wEGqG95E9xL2p6Jkcpi0CdjyUvkPcULlAKu/IRfRs/E1j/KtzacYEeQ3cDYD1d9F
-XvFIh3QzDURHqWL+ELZXMDSJYfjQe+7jP2w+Vu/TbF39otuREtJmYwcLOBxRvJYk
-6x3/BMwjSRXpDBttsVAClDS+Wm0A5jr5eCg7OoWNzdze74zGQpP4U7tWKZHT5bA4
-OTMXxdAawBca6aO1CpUMAwipgLVKJyNkmxV7+aPSdkp/U466LROEWhraZg==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
- <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
- </md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvittest.ced.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SLO/Artifact"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvittest.ced.lu.se/Shibboleth.sso/NIM/SOAP"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvittest.ced.lu.se/Shibboleth.sso/NIM/Redirect"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvittest.ced.lu.se/Shibboleth.sso/NIM/POST"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvittest.ced.lu.se/Shibboleth.sso/NIM/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://luvittest.ced.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- </md:SPSSODescriptor>
- <md:ContactPerson contactType="technical">
- <md:GivenName>Peter Nilsson</md:GivenName>
- <md:EmailAddress>peter.nilsson@grade.com</md:EmailAddress>
- </md:ContactPerson>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/medlem.disk.su.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml b/swamid-2.0/medlem.disk.su.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
new file mode 100644
index 00000000..59759cb5
--- /dev/null
+++ b/swamid-2.0/medlem.disk.su.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/metadata.php/AgeraMedlem">
+ <md:Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Medlemsportal DISK</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Member portal DISK</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Medlemsportalen för Studentkåren DISK</mdui:Description>
+ <mdui:Description xml:lang="en">Member Portal for Student Union DISK</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIID8TCCAtmgAwIBAgIJAKBlXNmonPUeMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOU3RvY2tob2xtcyBMYW4xDjAMBgNVBAcMBUtpc3RhMRowGAYDVQQKDBFTdHVkZW50a2FyZW4gRElTSzEaMBgGA1UEAwwRbWVkbGVtLmRpc2suc3Uuc2UxHjAcBgkqhkiG9w0BCQEWD2luZm9AZGlzay5zdS5zZTAeFw0xNzA1MzAxMjE0MjZaFw0yNzA1MzAxMjE0MjZaMIGOMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOU3RvY2tob2xtcyBMYW4xDjAMBgNVBAcMBUtpc3RhMRowGAYDVQQKDBFTdHVkZW50a2FyZW4gRElTSzEaMBgGA1UEAwwRbWVkbGVtLmRpc2suc3Uuc2UxHjAcBgkqhkiG9w0BCQEWD2luZm9AZGlzay5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxCx1SHIK/64uIhrmb8JotTrE8FdMUYDyxYHbb8xGK0Ac949J0oKmAhHHI07uTZ6tARuH5/9sat2bwN7ORH7s1ZjXKloBl/Nz1wlpTTK+88nnyfr07Eyo0uyaOL8vcbkwpYj5it9oH7n9kn26hNMedGe0h1xGgojw66G4YgmEfqN6dbU/OZrhJu45RGQ4BwrUw/pg7ZSHVGaPCb3OP9hhQqfwwu4e+LcWvjAICzlG0QqBNPnXO9yLX7m9KGkX3jkRynb4ILdhaqPUrjNwsXjM4Omw/tIlYJRh406QCEYOCjGbvEu31QREViN/xzX60BdaRi9jWJwySOLhGaPfmDa70CAwEAAaNQME4wHQYDVR0OBBYEFNpE+EY7yNaL68f2x1E0wTD0ObpOMB8GA1UdIwQYMBaAFNpE+EY7yNaL68f2x1E0wTD0ObpOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAF4ffGzMvnlEin4o14JZGVe/Zh0O8iZVw3iEwUHoJWbG5gB0uB7mM3Shg7cN++SIY7oUrKF+M0R7qwVE4I+DRWmfsPAI7PdiWBCa+oAlGhtsR6x9yPc+mv9foO55S+RgBMU0iMwmmqpUjkwBWwVJUXxE7MqDlGW6G1O4ZLxdGZm4aX4eGmYsf2whp0CUX8503EOUpyVczIm9jxJ9Nh9hntkpOdX13MweXbrnYo2lQ33uKRWLUlwfcZAw0YexTdHGCRt3Idu2yWiz9Gpx49aKMmwbMPb2AdeFYXJEPTpMcrR4delGx6ICiKNflfFpqh0blTmTJg1YqRvmt3+uCu4N3n0=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIID8TCCAtmgAwIBAgIJAKBlXNmonPUeMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOU3RvY2tob2xtcyBMYW4xDjAMBgNVBAcMBUtpc3RhMRowGAYDVQQKDBFTdHVkZW50a2FyZW4gRElTSzEaMBgGA1UEAwwRbWVkbGVtLmRpc2suc3Uuc2UxHjAcBgkqhkiG9w0BCQEWD2luZm9AZGlzay5zdS5zZTAeFw0xNzA1MzAxMjE0MjZaFw0yNzA1MzAxMjE0MjZaMIGOMQswCQYDVQQGEwJTRTEXMBUGA1UECAwOU3RvY2tob2xtcyBMYW4xDjAMBgNVBAcMBUtpc3RhMRowGAYDVQQKDBFTdHVkZW50a2FyZW4gRElTSzEaMBgGA1UEAwwRbWVkbGVtLmRpc2suc3Uuc2UxHjAcBgkqhkiG9w0BCQEWD2luZm9AZGlzay5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxCx1SHIK/64uIhrmb8JotTrE8FdMUYDyxYHbb8xGK0Ac949J0oKmAhHHI07uTZ6tARuH5/9sat2bwN7ORH7s1ZjXKloBl/Nz1wlpTTK+88nnyfr07Eyo0uyaOL8vcbkwpYj5it9oH7n9kn26hNMedGe0h1xGgojw66G4YgmEfqN6dbU/OZrhJu45RGQ4BwrUw/pg7ZSHVGaPCb3OP9hhQqfwwu4e+LcWvjAICzlG0QqBNPnXO9yLX7m9KGkX3jkRynb4ILdhaqPUrjNwsXjM4Omw/tIlYJRh406QCEYOCjGbvEu31QREViN/xzX60BdaRi9jWJwySOLhGaPfmDa70CAwEAAaNQME4wHQYDVR0OBBYEFNpE+EY7yNaL68f2x1E0wTD0ObpOMB8GA1UdIwQYMBaAFNpE+EY7yNaL68f2x1E0wTD0ObpOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAF4ffGzMvnlEin4o14JZGVe/Zh0O8iZVw3iEwUHoJWbG5gB0uB7mM3Shg7cN++SIY7oUrKF+M0R7qwVE4I+DRWmfsPAI7PdiWBCa+oAlGhtsR6x9yPc+mv9foO55S+RgBMU0iMwmmqpUjkwBWwVJUXxE7MqDlGW6G1O4ZLxdGZm4aX4eGmYsf2whp0CUX8503EOUpyVczIm9jxJ9Nh9hntkpOdX13MweXbrnYo2lQ33uKRWLUlwfcZAw0YexTdHGCRt3Idu2yWiz9Gpx49aKMmwbMPb2AdeFYXJEPTpMcrR4delGx6ICiKNflfFpqh0blTmTJg1YqRvmt3+uCu4N3n0=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/saml2-logout.php/AgeraMedlem"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/saml1-acs.php/AgeraMedlem/artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://medlem.disk.su.se/saml/simplesamlwww/module.php/saml/sp/saml2-acs.php/AgeraMedlem" index="4"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Johan</md:GivenName>
+ <md:SurName>Sölve</md:SurName>
+ <md:EmailAddress>mailto:johan@montania.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/sp.snd.gu.se-module.php-saml-sp-metadata.php-default-sp.xml b/swamid-2.0/sp.snd.gu.se-module.php-saml-sp-metadata.php-default-sp.xml
index 957efc4a..2397ce91 100644
--- a/swamid-2.0/sp.snd.gu.se-module.php-saml-sp-metadata.php-default-sp.xml
+++ b/swamid-2.0/sp.snd.gu.se-module.php-saml-sp-metadata.php-default-sp.xml
@@ -37,6 +37,17 @@
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.snd.gu.se/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.snd.gu.se/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.snd.gu.se/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
+ <md:AttributeConsumingService index="1">
+ <md:ServiceName xml:lang="en">Swedish National Data Service</md:ServiceName>
+ <md:ServiceName xml:lang="sv">Svensk Nationell Datatjänst</md:ServiceName>
+ <md:ServiceDescription xml:lang="sv">På Svensk nationell datatjänst tar vi emot forskningsdata för bevarande med syfte att göra dem tillgängliga för ny forskning.</md:ServiceDescription>
+ <md:ServiceDescription xml:lang="en">SND is a national resource that facilitates access to new and existing Swedish research data within and outside of Sweden.</md:ServiceDescription>
+ <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" isRequired="true" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <md:RequestedAttribute FriendlyName="mail" isRequired="false" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <md:RequestedAttribute FriendlyName="sn" isRequired="false" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <md:RequestedAttribute FriendlyName="cn" isRequired="false" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <md:RequestedAttribute FriendlyName="givenName" isRequired="false" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ </md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:ContactPerson contactType="technical">
<md:GivenName>Pablo</md:GivenName>
diff --git a/swamid-2.0/stipendier.uu.se-stipendium.xml b/swamid-2.0/stipendier.uu.se-stipendium.xml
index 56910c80..cdf1d8b9 100644
--- a/swamid-2.0/stipendier.uu.se-stipendium.xml
+++ b/swamid-2.0/stipendier.uu.se-stipendium.xml
@@ -14,42 +14,32 @@
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">Scholarship</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">Stipendiehantering</mdui:DisplayName>
- <mdui:Description xml:lang="sv">
- System för att söka och hantera stipendium vid Uppsala universitet
- </mdui:Description>
- <mdui:Description xml:lang="en">
- Scholarship management system at Uppsala university
- </mdui:Description>
- <mdui:Logo height="125" width="125">
- https://stipendier.uu.se/stipendium/img/UU-logga_125x125.png
- </mdui:Logo>
- <mdui:InformationURL xml:lang="en">
- http://stipendier.uu.se/stipendium/stipac/login?lang=en
- </mdui:InformationURL>
- <mdui:InformationURL xml:lang="sv">
- http://stipendier.uu.se/stipendium/stipac/login
- </mdui:InformationURL>
+ <mdui:Description xml:lang="sv">System för att söka och hantera stipendium vid Uppsala universitet</mdui:Description>
+ <mdui:Description xml:lang="en">Scholarship management system at Uppsala university</mdui:Description>
+ <mdui:Logo height="125" width="125">https://stipendier.uu.se/stipendium/img/UU-logga_125x125.png</mdui:Logo>
+ <mdui:InformationURL xml:lang="en">http://stipendier.uu.se/stipendium/stipac/login?lang=en</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="sv">http://stipendier.uu.se/stipendium/stipac/login</mdui:InformationURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
- <ds:X509Certificate>MIIDYzCCAkugAwIBAgIEXsncWDANBgkqhkiG9w0BAQsFADBiMQswCQYDVQQGEwJzZTEQMA4GA1UE
+ <ds:X509Certificate>MIIDYzCCAkugAwIBAgIEfScBOzANBgkqhkiG9w0BAQsFADBiMQswCQYDVQQGEwJzZTEQMA4GA1UE
CBMHU3ZlcmlnZTEQMA4GA1UEBxMHVXBwc2FsYTELMAkGA1UEChMCVVUxCzAJBgNVBAsTAklUMRUw
- EwYDVQQDEwxUb21teSBTdGVudmkwHhcNMTQwMTIxMTIzMzIxWhcNMTcxMDEyMTIzMzIxWjBiMQsw
+ EwYDVQQDEwxUb21teSBTdGVudmkwHhcNMTcwMzAzMDcwMDA3WhcNMzcwMjI2MDcwMDA3WjBiMQsw
CQYDVQQGEwJzZTEQMA4GA1UECBMHU3ZlcmlnZTEQMA4GA1UEBxMHVXBwc2FsYTELMAkGA1UEChMC
VVUxCzAJBgNVBAsTAklUMRUwEwYDVQQDEwxUb21teSBTdGVudmkwggEiMA0GCSqGSIb3DQEBAQUA
- A4IBDwAwggEKAoIBAQCYm9zOwWOyPzD3W2ophyDRR2YKEuWdP1ZzQAUf7nwBRa0sf62UODcvavGJ
- FK+yVjdtDayls5KPyIfHiW0vJAjWPrhCRE/Nk4pCyPhEbVhBtSA/JfXUEtB9Otf79G8PmxCJGfUN
- TeaFIl1PhEjQtQGS9IHe/N0P/Gxn9hJL+452ePbScB0hpC2/Z61GV2GDmz8l8g2FS4BXC/OxpqkR
- TfWqVvO7h8UJrrPfntqLTEHpD9Ex0LAy9RBXAj/4eUt8obzr84IJLITF875icjXyRcq0510gtGAr
- LytJxy/5KQ/Y2rUVfVBSg3m4C5BRiTAKjNncx+JFhq665tyiLtOTITxPAgMBAAGjITAfMB0GA1Ud
- DgQWBBTFo53xd9YijvyHlNUZ6Gt1YLLjQTANBgkqhkiG9w0BAQsFAAOCAQEAEFmcm96wM5/SwNCj
- i5uX3XFkQ2IDqeVmAAOmY/3cRh/kXxSM1OR1rifCl4kQlHHxV/9+r1EwiJ+LIhhnBHwJLM2TVFKD
- DRm5Lq9ghRzjiKponRltsGQzdZx5b5dAsG+J3J0TWJCp+HXoO6FNbIs0WAPm2nGkICyUi+ZBmdM1
- NHqA2JtG95d1VrNeZMmou7CdUBqRIWSlQPcGhawq4tKrs/6C79JLwfDhIPidJ3V0gkVSjm1FSNC5
- DJLTyRKIJB8d1r0/RpePenawO79D5eJlDeUTpu0LcPMyCKPGVT0tFaU/TyF6Jn8CJ2ZIlybtdXtp
- lQDSN7w4inBTDBIKvjWfVg==
+ A4IBDwAwggEKAoIBAQCcxAvJuFC8orIPNpsam9iXZJekHs2dSmDd/ex50A0vf3l60cpkxg3cAMcR
+ EH5Bk+h9PSO0eRjj7pzPFE1Ok0MQEsmCljXQPcMfOOXGAD6g+cR3ZyLqiZ7k8/oog5G+S5HFAY+4
+ 7y6loEkYsJ1iLTPhgBLeoWjFP2T8S67l5WSHAeeUVEyeXfodxGA4zee3w3V9XtaNc/ldiEZnF905
+ dITQX4D5gew3Tb9ezP79+GrHQwv3Q3xWjU4EILJ6uGFcBhO0fbj7hS7GGvmzMgI9vyq10xVdUAY6
+ kFpwwnfFiJm3gkusTvluuWnyscA3RTzrNab290jrXzHQQcP1AoeA/WdjAgMBAAGjITAfMB0GA1Ud
+ DgQWBBTCDLvl0/fpImvNkS9Wsg1fZ+fu1jANBgkqhkiG9w0BAQsFAAOCAQEAHXbUQzYX7q5tE7f6
+ VuU2YtI+XFOBdrw4SE1uDcd1XeWMcBsMvcEFbeWrwhYdVlv9+ni1A3/pGgy6Do9EvJfu79Jj6QgQ
+ GdbL+RJ/8oBt09w+zGJ00m86g5JpN5l19CIi+yIVBGL1v+aK6c3AHC+9y8f2965mHk/YZknIw1xR
+ 1EXQ1/KXwlHzvBpEU3EfWRxhZ+B66zWHfekr659A3T5wCUpPWrzVCTaXh2ZNEBY95bGhuECZnVVY
+ yRw902t0AGgUk9jhJ83aMPdrSk3IZTFa5YOC9OQcwJ6nfAGXNgsn/taFleA8+GaIBwhKF95s8h1J
+ l+6u+L3FBjFOWmy9EQZdyA==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
@@ -72,4 +62,9 @@
<md:AssertionConsumerService xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://stipendier.uu.se:443/stipendium/saml/HoKSSO/alias/defaultAlias" hoksso:ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" index="3"/>
<md:AssertionConsumerService xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://stipendier.uu.se:443/stipendium/saml/HoKSSO/alias/defaultAlias" hoksso:ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="4"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="administrative">
+ <md:GivenName>Magnus</md:GivenName>
+ <md:SurName>Stenvi</md:SurName>
+ <md:EmailAddress>mailto:tommy.stenvi@uadm.uu.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/sutest.dsv.su.se-shibboleth.xml b/swamid-2.0/sutest.dsv.su.se-shibboleth.xml
deleted file mode 100644
index 7f9ef5cc..00000000
--- a/swamid-2.0/sutest.dsv.su.se-shibboleth.xml
+++ /dev/null
@@ -1,75 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sutest.dsv.su.se/shibboleth">
- <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
- <md:Extensions>
- <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sutest.dsv.su.se/Shibboleth.sso/DS/DSV" index="1"/>
- <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sutest.dsv.su.se/Shibboleth.sso/DS/SU" index="2"/>
- <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sutest.dsv.su.se/Shibboleth.sso/DS/SWAMID" index="3"/>
- </md:Extensions>
- <md:KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>sutest.dsv.su.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=sutest.dsv.su.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJANFaQko5QEDsMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
-BAMTEHN1dGVzdC5kc3Yuc3Uuc2UwHhcNMTEwNjE0MTUxMDI5WhcNMjEwNjExMTUx
-MDI5WjAbMRkwFwYDVQQDExBzdXRlc3QuZHN2LnN1LnNlMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA9dKcFUqB+h9m4Ce2+30IxJWbSuCup9EQIWDD15Ni
-u7LgB5v1lmPJvz3dNAO8oLGZc2GZ1MGC4LMTjOsOxyVBI3kK+sstXZ5HCcEXHGnN
-dawOEwMpAge81J/SU4py7fxb028I7CxBnyVTD0nQeaXYl8TwA9/Wi0fqdQrOpNY4
-Hmd2izAT3+lPSWplNYQRdiZpDmpJ5Kpe0fqvwYk7IZ0yAePBVlmNMUO7Um6ONjM8
-RiD/F0Kvl2TycXa3fHZWP5QhF8Ovkg2l+bpbr78Nvj/oqY3jGAXnCnK2qoYmb6/N
-82kJ+53n55a/2YWS71Co2L6GcdXK9RD6J6GIO5F99VLFHwIDAQABoz4wPDAbBgNV
-HREEFDASghBzdXRlc3QuZHN2LnN1LnNlMB0GA1UdDgQWBBQsUNUB8MuUgg3w4rVX
-HCQfNaFJbDANBgkqhkiG9w0BAQUFAAOCAQEATmRML430Yi9BjDHVyEpYY3mEZkYT
-LhoFdN1yC8E37VG7ilUh/rI/BSvCrxt8KSZQ+5OusLq+4jVrNsESXD7PHDFAmQZ9
-5DMGnlZnYHbi9s2Eck8Na/c/jxza0gxaXG0IGmgYkVvcbHZ4HVNM1XOrn/EbtayE
-TRrcLGU0e+HjsbcULaB40DPyKJTPJrp+77H7560BQZXylxoDpTNuiKE7lvygoSbu
-HvZVD47jmfXvB9EmZnrzECl2gYKn3BJSbXFcvFnd8346qDw0p8mOxmiFu+5GRO7d
-Ipamop1r0dxsmADb5Z3TF29YvB5OuZFPPwLKKg1tX9Nw+9199lffGUhEPg==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyName>sutest.dsv.su.se</ds:KeyName>
- <ds:X509Data>
- <ds:X509SubjectName>CN=sutest.dsv.su.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJANFaQko5QEDsMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
-BAMTEHN1dGVzdC5kc3Yuc3Uuc2UwHhcNMTEwNjE0MTUxMDI5WhcNMjEwNjExMTUx
-MDI5WjAbMRkwFwYDVQQDExBzdXRlc3QuZHN2LnN1LnNlMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA9dKcFUqB+h9m4Ce2+30IxJWbSuCup9EQIWDD15Ni
-u7LgB5v1lmPJvz3dNAO8oLGZc2GZ1MGC4LMTjOsOxyVBI3kK+sstXZ5HCcEXHGnN
-dawOEwMpAge81J/SU4py7fxb028I7CxBnyVTD0nQeaXYl8TwA9/Wi0fqdQrOpNY4
-Hmd2izAT3+lPSWplNYQRdiZpDmpJ5Kpe0fqvwYk7IZ0yAePBVlmNMUO7Um6ONjM8
-RiD/F0Kvl2TycXa3fHZWP5QhF8Ovkg2l+bpbr78Nvj/oqY3jGAXnCnK2qoYmb6/N
-82kJ+53n55a/2YWS71Co2L6GcdXK9RD6J6GIO5F99VLFHwIDAQABoz4wPDAbBgNV
-HREEFDASghBzdXRlc3QuZHN2LnN1LnNlMB0GA1UdDgQWBBQsUNUB8MuUgg3w4rVX
-HCQfNaFJbDANBgkqhkiG9w0BAQUFAAOCAQEATmRML430Yi9BjDHVyEpYY3mEZkYT
-LhoFdN1yC8E37VG7ilUh/rI/BSvCrxt8KSZQ+5OusLq+4jVrNsESXD7PHDFAmQZ9
-5DMGnlZnYHbi9s2Eck8Na/c/jxza0gxaXG0IGmgYkVvcbHZ4HVNM1XOrn/EbtayE
-TRrcLGU0e+HjsbcULaB40DPyKJTPJrp+77H7560BQZXylxoDpTNuiKE7lvygoSbu
-HvZVD47jmfXvB9EmZnrzECl2gYKn3BJSbXFcvFnd8346qDw0p8mOxmiFu+5GRO7d
-Ipamop1r0dxsmADb5Z3TF29YvB5OuZFPPwLKKg1tX9Nw+9199lffGUhEPg==
-</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </md:KeyDescriptor>
- <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sutest.dsv.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sutest.dsv.su.se/Shibboleth.sso/SLO/SOAP"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sutest.dsv.su.se/Shibboleth.sso/SLO/Redirect"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sutest.dsv.su.se/Shibboleth.sso/SLO/POST"/>
- <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sutest.dsv.su.se/Shibboleth.sso/SLO/Artifact"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sutest.dsv.su.se/Shibboleth.sso/NIM/SOAP"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sutest.dsv.su.se/Shibboleth.sso/NIM/Redirect"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sutest.dsv.su.se/Shibboleth.sso/NIM/POST"/>
- <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sutest.dsv.su.se/Shibboleth.sso/NIM/Artifact"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sutest.dsv.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sutest.dsv.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sutest.dsv.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sutest.dsv.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sutest.dsv.su.se/Shibboleth.sso/SAML/POST" index="5"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sutest.dsv.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
- </md:SPSSODescriptor>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/tentaadmin.uhr.se-shibboleth.xml b/swamid-2.0/tentaadmin.uhr.se-shibboleth.xml
index 569c7a03..88d971d1 100644
--- a/swamid-2.0/tentaadmin.uhr.se-shibboleth.xml
+++ b/swamid-2.0/tentaadmin.uhr.se-shibboleth.xml
@@ -83,4 +83,9 @@ gA74GRgPQ3FGnqF2PkasBH+5Vkxk2rTdAroEO3WXRBOsk6JgO3lB/QY8x/lOfg==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tentaadmin.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tentaadmin.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Anders</md:GivenName>
+ <md:SurName>Möllström</md:SurName>
+ <md:EmailAddress>mailto:Anders.mollstrom@uhr.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/test-nais.i.uhr.se-shibboleth.xml b/swamid-2.0/test-nais.i.uhr.se-shibboleth.xml
index ec6a9940..d1511a89 100644
--- a/swamid-2.0/test-nais.i.uhr.se-shibboleth.xml
+++ b/swamid-2.0/test-nais.i.uhr.se-shibboleth.xml
@@ -90,4 +90,9 @@ BwquFopAQg==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test-nais.i.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://test-nais.i.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Carina</md:GivenName>
+ <md:SurName>Lindström</md:SurName>
+ <md:EmailAddress>mailto:support@reqtest-services.com</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/test.account.hj.se-adfs-services-trust.xml b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
index a8dc4df2..e39bdb54 100644
--- a/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
+++ b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://test.account.hj.se/adfs/services/trust">
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://test.account.hj.se/adfs/services/trust">
<Extensions>
<mdattr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
@@ -12,6 +12,116 @@
</samla:Attribute>
</mdattr:EntityAttributes>
</Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">hj.se</shibmd:Scope>
+ <shibmd:Scope regexp="false">account.hj.se</shibmd:Scope>
+ <shibmd:Scope regexp="false">test.account.hj.se</shibmd:Scope>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Jönköping University - Test för kontohantering</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Jönköping University - Account management test</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Denna applikation används som test för kontohantering.</mdui:Description>
+ <mdui:Description xml:lang="en">This service is used for account management test.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://ju.se/it-helpdesk/faq---manualer/mitt-anvandarkonto.html</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://ju.se/en/it-helpdesk/ju-faq---manuals/my-user-account.html</mdui:InformationURL>
+ <mdui:Logo height="21" width="187" xml:lang="sv">https://test.account.hj.se/logo.png</mdui:Logo>
+ <mdui:Logo height="21" width="187" xml:lang="en">https://test.account.hj.se/logo.png</mdui:Logo>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU National civic registration number or code"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU norEduPersonNIN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU givenName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU surName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU Assurance-Certification"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU orcid"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonAssurance"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU displayName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonTargetedID"/>
+ </IDPSSODescriptor>
<RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University">
<KeyDescriptor use="encryption">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -649,137 +759,6 @@
</EndpointReference>
</fed:PassiveRequestorEndpoint>
</RoleDescriptor>
- <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <Extensions>
- <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
- <mdui:DisplayName xml:lang="sv">Jönköping University - Test för kontohantering</mdui:DisplayName>
- <mdui:DisplayName xml:lang="en">Jönköping University - Account management test</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Denna applikation används som test för kontohantering.</mdui:Description>
- <mdui:Description xml:lang="en">This service is used for account management test.</mdui:Description>
- <mdui:InformationURL xml:lang="sv">http://ju.se/it-helpdesk/faq---manualer/mitt-anvandarkonto.html</mdui:InformationURL>
- <mdui:InformationURL xml:lang="en">http://ju.se/en/it-helpdesk/ju-faq---manuals/my-user-account.html</mdui:InformationURL>
- <mdui:Logo height="21" width="187" xml:lang="sv">https://test.account.hj.se/logo.png</mdui:Logo>
- <mdui:Logo height="21" width="187" xml:lang="en">https://test.account.hj.se/logo.png</mdui:Logo>
- </mdui:UIInfo>
- </Extensions>
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/" index="0" isDefault="true"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test.account.hj.se/adfs/ls/" index="1"/>
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/" index="2"/>
- </SPSSODescriptor>
- <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
- <KeyDescriptor use="encryption">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="signing">
- <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
- <X509Data>
- <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate>
- </X509Data>
- </KeyInfo>
- </KeyDescriptor>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
- <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
- <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
- <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
- <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU National civic registration number or code"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU norEduPersonNIN"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU givenName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU surName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU Assurance-Certification"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU orcid"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonAssurance"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU displayName"/>
- <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonTargetedID"/>
- </IDPSSODescriptor>
<ContactPerson contactType="technical">
<GivenName>Joakim</GivenName>
<SurName>Danielsson</SurName>
diff --git a/swamid-2.0/test.lararlyftet-validering.se-shibboleth.xml b/swamid-2.0/test.lararlyftet-validering.se-shibboleth.xml
index d84ac9a7..c63451b4 100644
--- a/swamid-2.0/test.lararlyftet-validering.se-shibboleth.xml
+++ b/swamid-2.0/test.lararlyftet-validering.se-shibboleth.xml
@@ -104,4 +104,9 @@ BwquFopAQg==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://acc.lararlyftet-validering.se/Shibboleth.sso/SAML/POST" index="10"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://acc.lararlyftet-validering.se/Shibboleth.sso/SAML/Artifact" index="11"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Carina</md:GivenName>
+ <md:SurName>Lindström</md:SurName>
+ <md:EmailAddress>mailto:valdasupport@uhr.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/uuc-web003-t.its.uu.se-shibboleth.xml b/swamid-2.0/uuc-web003-t.its.uu.se-shibboleth.xml
index 48831344..d550a066 100644
--- a/swamid-2.0/uuc-web003-t.its.uu.se-shibboleth.xml
+++ b/swamid-2.0/uuc-web003-t.its.uu.se-shibboleth.xml
@@ -22,6 +22,7 @@
<samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
<samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
<samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
@@ -34,7 +35,11 @@
<mdui:DisplayName xml:lang="en">Indico TEST</mdui:DisplayName>
<mdui:Description xml:lang="sv">Indico är ett evenemangshanteringssystem för möten, konferenser och föreläsningar.</mdui:Description>
<mdui:Description xml:lang="en">Indico is an event management system for meetings, conferences and lectures.</mdui:Description>
- <mdui:Logo height="52" width="196">https://uuc-web003-t.its.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="52" width="196">https://uuc-web003-t.its.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:Logo xml:lang="sv" height="52" width="196">https://uuc-web003-t.its.uu.se/images/logo_indico.png</mdui:Logo>
+ <mdui:InformationURL xml:lang="en">https://uuc-web003-t.its.uu.se/about</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://uuc-web003-t.its.uu.se/static/custom/privacy-policy-en</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://uuc-web003-t.its.uu.se/static/custom/privacy-policy-sv</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
diff --git a/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml b/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
index 6cc85f9c..98232c16 100644
--- a/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
+++ b/swamid-2.0/weblogin.kau.se-idp-shibboleth.xml
@@ -216,7 +216,7 @@ cHgs7D1QiqGixbmFlSZyPcCPcIzPDzRaoXyb+yKQy31QP/VEt8VGXH5H2A==
<Company>Karlstad University</Company>
<SurName>IT-avdelningen</SurName>
<EmailAddress>mailto:webbteknik@kau.se</EmailAddress>
- <TelephoneNumber>+46 54 700 2200</TelephoneNumber>
+ <TelephoneNumber>+46 54 700 2525</TelephoneNumber>
</ContactPerson>
<ContactPerson contactType="technical">
<Company>Karlstad University</Company>
diff --git a/swamid-2.0/www.lararlyftet-validering.se-shibboleth.xml b/swamid-2.0/www.lararlyftet-validering.se-shibboleth.xml
index 62a28c2b..c9f14420 100644
--- a/swamid-2.0/www.lararlyftet-validering.se-shibboleth.xml
+++ b/swamid-2.0/www.lararlyftet-validering.se-shibboleth.xml
@@ -90,4 +90,9 @@ MViWUqDxKicGyuokDNf3hpcc9w==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.lararlyftet-validering.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.lararlyftet-validering.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Pontus</md:GivenName>
+ <md:SurName>Larsson</md:SurName>
+ <md:EmailAddress>mailto:pontus.larsson@uhr.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/www.nais.uhr.se-shibboleth.xml b/swamid-2.0/www.nais.uhr.se-shibboleth.xml
index d766bb0f..f1062421 100644
--- a/swamid-2.0/www.nais.uhr.se-shibboleth.xml
+++ b/swamid-2.0/www.nais.uhr.se-shibboleth.xml
@@ -91,4 +91,9 @@ MViWUqDxKicGyuokDNf3hpcc9w==
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.nais.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.nais.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Carina</md:GivenName>
+ <md:SurName>Lindström</md:SurName>
+ <md:EmailAddress>mailto:support@reqtest-services.com</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>
diff --git a/swamid-2.0/www.tentaadmindev.uhr.se-shibboleth.xml b/swamid-2.0/www.tentaadmindev.uhr.se-shibboleth.xml
index a0fb411e..32382190 100644
--- a/swamid-2.0/www.tentaadmindev.uhr.se-shibboleth.xml
+++ b/swamid-2.0/www.tentaadmindev.uhr.se-shibboleth.xml
@@ -84,4 +84,9 @@ OCAgWY6O9B3McR43joEl1kbkE4ckdvrpmDrGdjZn78smL6SGV2Frl5d0ALjQSVkB
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.tentaadmindev.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.tentaadmindev.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Anders</md:GivenName>
+ <md:SurName>Möllström</md:SurName>
+ <md:EmailAddress>mailto:Anders.mollstrom@uhr.se</md:EmailAddress>
+ </md:ContactPerson>
</md:EntityDescriptor>