summaryrefslogtreecommitdiff
path: root/swamid-2.0
diff options
context:
space:
mode:
authorLeif Johansson <leifj@sunet.se>2017-01-13 16:10:46 +0100
committerLeif Johansson <leifj@sunet.se>2017-01-13 16:10:46 +0100
commitccf712d0a7e6e497d0cfd9d6b1221270dd50f4ce (patch)
tree5788841d71778363c7278b3f5915c289ac4a5844 /swamid-2.0
parent6e199154f129d49c1f741b492581b874c6697fc5 (diff)
parentb51674489c567febcafe7533d8ad1f6c46ec9f23 (diff)
Merge branch 'master' of md-master.swamid.se:swamid-metadata
Diffstat (limited to 'swamid-2.0')
-rw-r--r--swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml101
-rw-r--r--swamid-2.0/idp.sunet.se-idp.xml8
-rw-r--r--swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml86
-rw-r--r--swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml86
-rw-r--r--swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml1
-rw-r--r--swamid-2.0/luvittest1.education.lu.se-shibboleth.xml1
-rw-r--r--swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml1
-rw-r--r--swamid-2.0/test.account.hj.se-adfs-services-trust.xml785
-rw-r--r--swamid-2.0/video.nordu.net.xml39
-rw-r--r--swamid-2.0/www.scalable-learning.com.xml2
10 files changed, 1102 insertions, 8 deletions
diff --git a/swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml b/swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml
new file mode 100644
index 00000000..71c3c1e5
--- /dev/null
+++ b/swamid-2.0/dbh-prod.i.uhr.se-shibboleth.xml
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://dbh-prod.i.uhr.se/shibboleth">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Test av ny produktionssite för Bedömningshandboken (kommer att få denna URL vid driftsättning: bedomningshandboken.uhr.se)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Test of new production site for Bedömningshandboken (will get this URL when released: bedomningshandboken.uhr.se)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Test av Bedömningshandboken</mdui:Description>
+ <mdui:Description xml:lang="en">Test of Bedömningshandboken</mdui:Description>
+ </mdui:UIInfo>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Login" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>uhrepiweb02.i.uhr.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=uhrepiweb02.i.uhr.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEAzCCAmugAwIBAgIJAOdBqacZ4/EFMA0GCSqGSIb3DQEBCwUAMB8xHTAbBgNV
+BAMTFHVocmVwaXdlYjAyLmkudWhyLnNlMB4XDTE3MDExMTEyMTgyMloXDTI3MDEw
+OTEyMTgyMlowHzEdMBsGA1UEAxMUdWhyZXBpd2ViMDIuaS51aHIuc2UwggGiMA0G
+CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDv6EgQw6o9Umqd16VMHb3PBMYw+bxy
+2dGv2EPMYAFHjMpythOVvyTrXtA9dgB1Zww77yysuvE5s5+3bEuiZywKtlJ3pWPd
+tn59T8dl85MOorrq0RzKHcXCDF6s7tMTdcV8M4sBC/H9aGmKnHgm0Y617rgfGv5P
+muilDwvktEqafohLce08DZEMWGJBh9jUSEZ/S/Wn7PO1GBX2QA9oHotZAqevR06v
+YaffEG0kEIrQt64uhF0bSBZCfhp0J+SBMk0Wvsma2ckpZ7eRUcET9h7LKn71KIJ8
+1sCocpbn+3JDzhD2uBiYyQaR15Ijfdq8iqfbkX+hmPm0D5/wU3gpuPKuG1UHsAmE
+kEsDPifSFJSbgTLVw+vFFBXqKA+/hWidtLgP4XVNgFI1GB8J5Ly+fMn2bXfH8CwH
+HpffzdGNznYiY0WeJX+lsw9dVFIaCrn5PTZiT0jC+kFvP856UE18QbkL1emi8WrJ
+ptrarp52vCoklBE3zHyJ+rjaKR/zVUKZldUCAwEAAaNCMEAwHwYDVR0RBBgwFoIU
+dWhyZXBpd2ViMDIuaS51aHIuc2UwHQYDVR0OBBYEFOfeY2rg/PgZ2fgEOk2v2x0w
+VnSXMA0GCSqGSIb3DQEBCwUAA4IBgQAGwaIX03w9j4Zm0bIne3Elo/3WVCVdZOev
+ZIX6tq2Fio3+YpnAH+L3sO0FROTRGuxUusJOUWnYJDcVIHOfgzUU0eTa9o/S+fdG
+XNKSeNizrBhvYIRxqhY4tyXhQrp2gEQyUR6LT9rA+X5yYMlrajp2M/Kav1/2sfF4
+EKRAkrCY2eU0ZeI5JwaopzwMYiKxpyoqipUPqFu28xabijrGx6vgbzEfT42Bz7lg
+Q3WUc+tUWPyL9fqGw0FZySSQwks95fXZlQezu1kKHDiptiX2u8lfW3aPbT2PC7ek
+CwsF12e85+5pzfygrHWG9A+hKv49Dt6uTYnYrnv0aQRvAXOwUQ6ZIwKVy3/IISuM
+PI0Bmb7LkjvTr24EPa24S6YMvD+utfgh+MjSnA5lHdDvTtZheoqyoI5haeQ5MMI5
+LKZPDKEVmUXoIJA24fs/pj0RL5nBDYiRobwK1TpM633Ae+NhPDqD0o1JdgPUV3Vg
+GCB2r29GXIAUYaUyAdsWXNMFG6lb7IM=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/Artifact/SOAP" index="2"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/Artifact" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML2/ECP" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/POST" index="10"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dbh-prod.i.uhr.se/Shibboleth.sso/SAML/Artifact" index="11"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="administrative">
+ <md:GivenName>Erik</md:GivenName>
+ <md:SurName>Jonsson</md:SurName>
+ <md:EmailAddress>mailto:erik.jonsson@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/idp.sunet.se-idp.xml b/swamid-2.0/idp.sunet.se-idp.xml
index 49c66711..c25da687 100644
--- a/swamid-2.0/idp.sunet.se-idp.xml
+++ b/swamid-2.0/idp.sunet.se-idp.xml
@@ -72,16 +72,16 @@ jiN2PVb/fS119Yu9s/jk86TcHIATZtmc/h6y5FkHzADUHGPPNum92l027dPIVqeT
<saml:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.sunet.se/Saml2SP/sso/post"/>
</saml:IDPSSODescriptor>
<saml:Organization>
- <saml:OrganizationName xml:lang="en">SUNET Staff Login</saml:OrganizationName>
- <saml:OrganizationDisplayName xml:lang="en">SUNET Staff Login</saml:OrganizationDisplayName>
+ <saml:OrganizationName xml:lang="en">SUNET Employees</saml:OrganizationName>
+ <saml:OrganizationDisplayName xml:lang="en">SUNET Employees</saml:OrganizationDisplayName>
<saml:OrganizationURL xml:lang="en">https://sunet.se</saml:OrganizationURL>
</saml:Organization>
<saml:ContactPerson contactType="technical">
<saml:GivenName>Technical</saml:GivenName>
- <saml:EmailAddress>noc@sunet.se</saml:EmailAddress>
+ <saml:EmailAddress>mailto:noc@sunet.se</saml:EmailAddress>
</saml:ContactPerson>
<saml:ContactPerson contactType="support">
<saml:GivenName>Support</saml:GivenName>
- <saml:EmailAddress>noc@sunet.se</saml:EmailAddress>
+ <saml:EmailAddress>mailto:noc@sunet.se</saml:EmailAddress>
</saml:ContactPerson>
</saml:EntityDescriptor>
diff --git a/swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml b/swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml
new file mode 100644
index 00000000..4b32257b
--- /dev/null
+++ b/swamid-2.0/ladok3-jenkins.ladok.umu.se-jenkins-securityrealm-finishlogin.xml
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ladok3-jenkins.ladok.umu.se/jenkins/securityRealm/finishLogin">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Inloggning Jenkins Ladok3</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Ladok3 Jenkins login</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Inloggning mot Ladok3:s Jenkins</mdui:Description>
+ <mdui:Description xml:lang="en">Login to Ladok3 Jenkins</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIEJudoaDANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw
+DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD
+VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzA5MjIzMVoXDTI3MDExMTA5
+MjIzMVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r
+bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93
+bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIP8E+1UWC6THFR8PvNo6enlD9/cDwge
+DBcMZfSNExv6FsNAvForGr/P0WONMNHNgc6xl1FXxFubz4Ce0b6NyRsH5fIr59/ASc5t/jIS1z8z
+S2NOQC1ltRaSKYJTnBsiXKDLJPqFR4XtqN7TsUjLF6KRVfmx7FUhU9ccVONJxDstymN8sF1oGq2s
+LitZiVYb98ZPgILNFk0B064rhL2P65NQ0rZNzyvogp3uNexg+pxS2FyG26X136qbnmvAzJGbo5s/
+Rk2vW3CTEpPISvQW4kNlBDPz5S/epRa5bdJsGLHJkBJCKo0bTjzwg6/T19rSzrxdzt6tBD3vUzYX
+mhdgLSsCAwEAAaMhMB8wHQYDVR0OBBYEFPj1pmO/WxXRBHNpAsolfuhenJV6MA0GCSqGSIb3DQEB
+CwUAA4IBAQBRultcmx0OePrE+Q5m9bza3H9X9Nwn3vpfCQtg9VFhCfP1l4Kdy72cXXSKK+oRA1Zb
++221oO474dUxNQ8RlG9HaeNxGiUkyoYeHLfyIoU3zR+Sk1t1v9uEGvUG4ALmNdqJD5T0yNh+B029
+HkiecYTX5/KhlMSyQQyqd1TbssLdg/GM7hYmIWosanb1ueFkyv6gYyh6ZgZgza6tf63gjVvvYTog
+bYrcg39YS/2EWWrboSpMu2+agRG+NebnTpJzKirx/I1dZldnmvxN+j4ZhMoMZq+qZ4XK3kNY1q76
++8sPLliD3nUprmKNJKgFYAni7n4fEGA27w+s19nQittHAwzu</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIEJudoaDANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw
+DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD
+VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzA5MjIzMVoXDTI3MDExMTA5
+MjIzMVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r
+bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93
+bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIP8E+1UWC6THFR8PvNo6enlD9/cDwge
+DBcMZfSNExv6FsNAvForGr/P0WONMNHNgc6xl1FXxFubz4Ce0b6NyRsH5fIr59/ASc5t/jIS1z8z
+S2NOQC1ltRaSKYJTnBsiXKDLJPqFR4XtqN7TsUjLF6KRVfmx7FUhU9ccVONJxDstymN8sF1oGq2s
+LitZiVYb98ZPgILNFk0B064rhL2P65NQ0rZNzyvogp3uNexg+pxS2FyG26X136qbnmvAzJGbo5s/
+Rk2vW3CTEpPISvQW4kNlBDPz5S/epRa5bdJsGLHJkBJCKo0bTjzwg6/T19rSzrxdzt6tBD3vUzYX
+mhdgLSsCAwEAAaMhMB8wHQYDVR0OBBYEFPj1pmO/WxXRBHNpAsolfuhenJV6MA0GCSqGSIb3DQEB
+CwUAA4IBAQBRultcmx0OePrE+Q5m9bza3H9X9Nwn3vpfCQtg9VFhCfP1l4Kdy72cXXSKK+oRA1Zb
++221oO474dUxNQ8RlG9HaeNxGiUkyoYeHLfyIoU3zR+Sk1t1v9uEGvUG4ALmNdqJD5T0yNh+B029
+HkiecYTX5/KhlMSyQQyqd1TbssLdg/GM7hYmIWosanb1ueFkyv6gYyh6ZgZgza6tf63gjVvvYTog
+bYrcg39YS/2EWWrboSpMu2+agRG+NebnTpJzKirx/I1dZldnmvxN+j4ZhMoMZq+qZ4XK3kNY1q76
++8sPLliD3nUprmKNJKgFYAni7n4fEGA27w+s19nQittHAwzu</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3-jenkins.ladok.umu.se/jenkins/securityRealm/finishLogin" index="0"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="administrative">
+ <md:Company>ITS, Umea universitet</md:Company>
+ <md:SurName>Fredrik Domeij</md:SurName>
+ <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="technical">
+ <md:Company>ITS, Umea universitet</md:Company>
+ <md:SurName>Fredrik Domeij</md:SurName>
+ <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="support">
+ <md:Company>ITS, Umea universitet</md:Company>
+ <md:SurName>Fredrik Domeij</md:SurName>
+ <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml b/swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml
new file mode 100644
index 00000000..d8111280
--- /dev/null
+++ b/swamid-2.0/ladok3.ladok.umu.se-8443-jenkins-securityrealm-finishlogin.xml
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ladok3.ladok.umu.se:8443/jenkins/securityRealm/finishLogin">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Inloggning Jenkins Ladok3 (old)</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Ladok3 Jenkins login (old)</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Inloggning mot Ladok3:s Jenkins</mdui:Description>
+ <mdui:Description xml:lang="en">Login to Ladok3 Jenkins</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIERMR+4zANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw
+DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD
+VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzE0MDE1NVoXDTI3MDExMTE0
+MDE1NVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r
+bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93
+bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuHjYqu6jUCbj6JVxVlnnTa2qEwTsTn
+r5VUd5DT/++72+aCbx0RuzW7bR5hihEk91J+A3uA4NVTmZbKY8xqM1ALXHf3lyDDsA1eRyUk9Han
+9/tct9VHwryDscQtUhJt672s85cq65oHVBRrPoCRBoGqcTMCUHBrUGDOOKW862NzlxxX9RH6JKhN
+DqspuO5XYgYEaJfMagZSPQKdyko0Z18TIA3cKWautLIFkg/MbFn2C6sLutd6tLD0iBPd/fZ0j/wy
+9QM300eRLHK5HuVsaphCeNuOPJuTMHLNTqJ6dRTLnAa2IQv8cszd3cuytMtgsU347IcyplK5uYNC
+9Qz/El8CAwEAAaMhMB8wHQYDVR0OBBYEFICz8BXR9dOGx9j4DmL6qCSRh/dhMA0GCSqGSIb3DQEB
+CwUAA4IBAQBl1nw8qeEE3otWHJY1hNwmJiebvNQQWjFq16woCo6MBJI+lxCOwaJ+V+yefMBt6PQq
+x/hzgQMUoHaBjKFOsDUnf6DT27szdp3hkrOZsedBEKOkQLVxHGdHcvqkm2eQn3ZEJxyQJzViZNw3
+0xL/fZA8piBCzBp5sjdAK0xUk1PxIzXR/x/cn7KbnSwbL8utPCUYKkr5IXpGZbwFen9QhMW5Knbm
+59dH7LfpOzv+ID4gZ/aew21ldb5PFTBXZuesVZW8VCW6ddLtbbLNaRCkMuvjDHYIPh7nigN2LhrQ
+Zt9koo0LwqrO6JAc0XcB96E3f2td2FHdIzwOS/IbzLPX6lXA</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIERMR+4zANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw
+DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD
+VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE3MDExMzE0MDE1NVoXDTI3MDExMTE0
+MDE1NVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r
+bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93
+bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuHjYqu6jUCbj6JVxVlnnTa2qEwTsTn
+r5VUd5DT/++72+aCbx0RuzW7bR5hihEk91J+A3uA4NVTmZbKY8xqM1ALXHf3lyDDsA1eRyUk9Han
+9/tct9VHwryDscQtUhJt672s85cq65oHVBRrPoCRBoGqcTMCUHBrUGDOOKW862NzlxxX9RH6JKhN
+DqspuO5XYgYEaJfMagZSPQKdyko0Z18TIA3cKWautLIFkg/MbFn2C6sLutd6tLD0iBPd/fZ0j/wy
+9QM300eRLHK5HuVsaphCeNuOPJuTMHLNTqJ6dRTLnAa2IQv8cszd3cuytMtgsU347IcyplK5uYNC
+9Qz/El8CAwEAAaMhMB8wHQYDVR0OBBYEFICz8BXR9dOGx9j4DmL6qCSRh/dhMA0GCSqGSIb3DQEB
+CwUAA4IBAQBl1nw8qeEE3otWHJY1hNwmJiebvNQQWjFq16woCo6MBJI+lxCOwaJ+V+yefMBt6PQq
+x/hzgQMUoHaBjKFOsDUnf6DT27szdp3hkrOZsedBEKOkQLVxHGdHcvqkm2eQn3ZEJxyQJzViZNw3
+0xL/fZA8piBCzBp5sjdAK0xUk1PxIzXR/x/cn7KbnSwbL8utPCUYKkr5IXpGZbwFen9QhMW5Knbm
+59dH7LfpOzv+ID4gZ/aew21ldb5PFTBXZuesVZW8VCW6ddLtbbLNaRCkMuvjDHYIPh7nigN2LhrQ
+Zt9koo0LwqrO6JAc0XcB96E3f2td2FHdIzwOS/IbzLPX6lXA</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3.ladok.umu.se:8443/jenkins/securityRealm/finishLogin" index="0"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="administrative">
+ <md:Company>ITS, Umea universitet</md:Company>
+ <md:SurName>Fredrik Domeij</md:SurName>
+ <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="technical">
+ <md:Company>ITS, Umea universitet</md:Company>
+ <md:SurName>Fredrik Domeij</md:SurName>
+ <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="support">
+ <md:Company>ITS, Umea universitet</md:Company>
+ <md:SurName>Fredrik Domeij</md:SurName>
+ <md:EmailAddress>fredrik.domeij@umu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml b/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml
index 9bfc1afd..747ff281 100644
--- a/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml
+++ b/swamid-2.0/ladok3.ladok.umu.se-shibboleth.xml
@@ -88,7 +88,6 @@ L8JKymQ3TDk/0a+t4y/ARC9bJ0ttOPY4K7WD21ddd0/xlz/AvA2g/f1Amlf0DC3T
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/NIM/POST"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/NIM/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ladok3.ladok.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
diff --git a/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml b/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml
index eb7a6980..6bb5c3b9 100644
--- a/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml
+++ b/swamid-2.0/luvittest1.education.lu.se-shibboleth.xml
@@ -79,7 +79,6 @@ V++yEkt5n8e8BoA3PHj5/MSgzEqPnlNRMhTX5QYW4TYy23uQaXVwybYPSw==
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest1.education.lu.se/Shibboleth.sso/NIM/POST"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest1.education.lu.se/Shibboleth.sso/NIM/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://luvittest1.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
diff --git a/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml b/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml
index f6c55379..6254f6cb 100644
--- a/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml
+++ b/swamid-2.0/luvittest2.ced.lu.se-shibboleth.xml
@@ -79,7 +79,6 @@ V++yEkt5n8e8BoA3PHj5/MSgzEqPnlNRMhTX5QYW4TYy23uQaXVwybYPSw==
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest2.education.lu.se/Shibboleth.sso/NIM/POST"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest2.education.lu.se/Shibboleth.sso/NIM/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://luvittest2.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
diff --git a/swamid-2.0/test.account.hj.se-adfs-services-trust.xml b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
new file mode 100644
index 00000000..281515cd
--- /dev/null
+++ b/swamid-2.0/test.account.hj.se-adfs-services-trust.xml
@@ -0,0 +1,785 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://test.account.hj.se/adfs/services/trust">
+ <Extensions>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </Extensions>
+ <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University">
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <fed:ClaimTypesRequested>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
+ <auth:DisplayName>E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
+ <auth:DisplayName>Given Name</auth:DisplayName>
+ <auth:Description>The given name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
+ <auth:DisplayName>Name</auth:DisplayName>
+ <auth:Description>The unique name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
+ <auth:DisplayName>UPN</auth:DisplayName>
+ <auth:Description>The user principal name (UPN) of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
+ <auth:DisplayName>Common Name</auth:DisplayName>
+ <auth:Description>The common name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
+ <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
+ <auth:DisplayName>Group</auth:DisplayName>
+ <auth:Description>A group that the user is a member of</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
+ <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+ <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
+ <auth:DisplayName>Role</auth:DisplayName>
+ <auth:Description>A role that the user has</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
+ <auth:DisplayName>Surname</auth:DisplayName>
+ <auth:Description>The surname of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
+ <auth:DisplayName>PPID</auth:DisplayName>
+ <auth:Description>The private identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
+ <auth:DisplayName>Name ID</auth:DisplayName>
+ <auth:Description>The SAML name identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
+ <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+ <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
+ <auth:DisplayName>Authentication method</auth:DisplayName>
+ <auth:Description>The method used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
+ <auth:DisplayName>Deny only group SID</auth:DisplayName>
+ <auth:Description>The deny-only group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
+ <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+ <auth:Description>The deny-only primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
+ <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+ <auth:Description>The deny-only primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
+ <auth:DisplayName>Group SID</auth:DisplayName>
+ <auth:Description>The group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
+ <auth:DisplayName>Primary group SID</auth:DisplayName>
+ <auth:Description>The primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
+ <auth:DisplayName>Primary SID</auth:DisplayName>
+ <auth:Description>The primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
+ <auth:DisplayName>Windows account name</auth:DisplayName>
+ <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
+ <auth:DisplayName>Is Registered User</auth:DisplayName>
+ <auth:Description>User is registered to use this device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
+ <auth:DisplayName>Device Identifier</auth:DisplayName>
+ <auth:Description>Identifier of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
+ <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
+ <auth:Description>Identifier for Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
+ <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
+ <auth:Description>Display name of Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
+ <auth:DisplayName>Device OS type</auth:DisplayName>
+ <auth:Description>OS type of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
+ <auth:DisplayName>Device OS Version</auth:DisplayName>
+ <auth:Description>OS version of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
+ <auth:DisplayName>Is Managed Device</auth:DisplayName>
+ <auth:Description>Device is managed by a management service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
+ <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
+ <auth:Description>IP address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
+ <auth:DisplayName>Client Application</auth:DisplayName>
+ <auth:Description>Type of the Client Application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
+ <auth:DisplayName>Client User Agent</auth:DisplayName>
+ <auth:Description>Device type the client is using to access the application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
+ <auth:DisplayName>Client IP</auth:DisplayName>
+ <auth:Description>IP address of the client</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
+ <auth:DisplayName>Endpoint Path</auth:DisplayName>
+ <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
+ <auth:DisplayName>Proxy</auth:DisplayName>
+ <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
+ <auth:DisplayName>Application Identifier</auth:DisplayName>
+ <auth:Description>Identifier for the Relying Party</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
+ <auth:DisplayName>Application policies</auth:DisplayName>
+ <auth:Description>Application policies of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
+ <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
+ <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
+ <auth:DisplayName>Basic Constraint</auth:DisplayName>
+ <auth:Description>One of the basic constraints of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
+ <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
+ <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
+ <auth:DisplayName>Issuer</auth:DisplayName>
+ <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
+ <auth:DisplayName>Issuer Name</auth:DisplayName>
+ <auth:Description>The distinguished name of the certificate issuer</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
+ <auth:DisplayName>Key Usage</auth:DisplayName>
+ <auth:Description>One of the key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
+ <auth:DisplayName>Not After</auth:DisplayName>
+ <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
+ <auth:DisplayName>Not Before</auth:DisplayName>
+ <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
+ <auth:DisplayName>Certificate Policies</auth:DisplayName>
+ <auth:Description>The policies under which the certificate has been issued</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
+ <auth:DisplayName>Public Key</auth:DisplayName>
+ <auth:Description>Public Key of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
+ <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
+ <auth:Description>The raw data of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
+ <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
+ <auth:Description>One of the alternative names of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
+ <auth:DisplayName>Serial Number</auth:DisplayName>
+ <auth:Description>The serial number of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
+ <auth:DisplayName>Signature Algorithm</auth:DisplayName>
+ <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
+ <auth:DisplayName>Subject</auth:DisplayName>
+ <auth:Description>The subject from the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
+ <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
+ <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
+ <auth:DisplayName>Subject Name</auth:DisplayName>
+ <auth:Description>The subject distinguished name from a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
+ <auth:DisplayName>V2 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
+ <auth:DisplayName>V1 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
+ <auth:DisplayName>Thumbprint</auth:DisplayName>
+ <auth:Description>Thumbprint of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
+ <auth:DisplayName>X.509 Version</auth:DisplayName>
+ <auth:Description>The X.509 format version of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
+ <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
+ <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
+ <auth:DisplayName>Password Expiration Time</auth:DisplayName>
+ <auth:Description>Used to display the time when the password expires</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
+ <auth:DisplayName>Password Expiration Days</auth:DisplayName>
+ <auth:Description>Used to display the number of days to password expiry</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
+ <auth:DisplayName>Update Password URL</auth:DisplayName>
+ <auth:Description>Used to display the web address of update password service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
+ <auth:DisplayName>Authentication Methods References</auth:DisplayName>
+ <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
+ <auth:DisplayName>Client Request ID</auth:DisplayName>
+ <auth:Description>Identifier for a user session</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
+ <auth:DisplayName>JU National civic registration number or code</auth:DisplayName>
+ <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true">
+ <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName>
+ <auth:Description>SWAMID personnummer 12 tecken</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
+ <auth:DisplayName>JU givenName</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
+ <auth:DisplayName>JU surName</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true">
+ <auth:DisplayName>JU Assurance-Certification</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true">
+ <auth:DisplayName>JU orcid</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true">
+ <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true">
+ <auth:DisplayName>JU displayName</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true">
+ <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName>
+ </auth:ClaimType>
+ </fed:ClaimTypesRequested>
+ <fed:TargetScopes>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/ls/</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>http://test.account.hj.se/adfs/services/trust</Address>
+ </EndpointReference>
+ </fed:TargetScopes>
+ <fed:ApplicationServiceEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ </fed:ApplicationServiceEndpoint>
+ <fed:PassiveRequestorEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/ls/</Address>
+ </EndpointReference>
+ </fed:PassiveRequestorEndpoint>
+ </RoleDescriptor>
+ <RoleDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="TEST - Jönköping University">
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <fed:TokenTypesOffered>
+ <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
+ <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
+ </fed:TokenTypesOffered>
+ <fed:ClaimTypesOffered>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
+ <auth:DisplayName>E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
+ <auth:DisplayName>Given Name</auth:DisplayName>
+ <auth:Description>The given name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
+ <auth:DisplayName>Name</auth:DisplayName>
+ <auth:Description>The unique name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
+ <auth:DisplayName>UPN</auth:DisplayName>
+ <auth:Description>The user principal name (UPN) of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
+ <auth:DisplayName>Common Name</auth:DisplayName>
+ <auth:Description>The common name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
+ <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
+ <auth:DisplayName>Group</auth:DisplayName>
+ <auth:Description>A group that the user is a member of</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
+ <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+ <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
+ <auth:DisplayName>Role</auth:DisplayName>
+ <auth:Description>A role that the user has</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
+ <auth:DisplayName>Surname</auth:DisplayName>
+ <auth:Description>The surname of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
+ <auth:DisplayName>PPID</auth:DisplayName>
+ <auth:Description>The private identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
+ <auth:DisplayName>Name ID</auth:DisplayName>
+ <auth:Description>The SAML name identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
+ <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+ <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
+ <auth:DisplayName>Authentication method</auth:DisplayName>
+ <auth:Description>The method used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
+ <auth:DisplayName>Deny only group SID</auth:DisplayName>
+ <auth:Description>The deny-only group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
+ <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+ <auth:Description>The deny-only primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
+ <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+ <auth:Description>The deny-only primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
+ <auth:DisplayName>Group SID</auth:DisplayName>
+ <auth:Description>The group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
+ <auth:DisplayName>Primary group SID</auth:DisplayName>
+ <auth:Description>The primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
+ <auth:DisplayName>Primary SID</auth:DisplayName>
+ <auth:Description>The primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
+ <auth:DisplayName>Windows account name</auth:DisplayName>
+ <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" Optional="true">
+ <auth:DisplayName>Is Registered User</auth:DisplayName>
+ <auth:Description>User is registered to use this device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" Optional="true">
+ <auth:DisplayName>Device Identifier</auth:DisplayName>
+ <auth:Description>Identifier of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" Optional="true">
+ <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
+ <auth:Description>Identifier for Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" Optional="true">
+ <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
+ <auth:Description>Display name of Device Registration</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" Optional="true">
+ <auth:DisplayName>Device OS type</auth:DisplayName>
+ <auth:Description>OS type of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" Optional="true">
+ <auth:DisplayName>Device OS Version</auth:DisplayName>
+ <auth:Description>OS version of the device</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" Optional="true">
+ <auth:DisplayName>Is Managed Device</auth:DisplayName>
+ <auth:Description>Device is managed by a management service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" Optional="true">
+ <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
+ <auth:Description>IP address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" Optional="true">
+ <auth:DisplayName>Client Application</auth:DisplayName>
+ <auth:Description>Type of the Client Application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" Optional="true">
+ <auth:DisplayName>Client User Agent</auth:DisplayName>
+ <auth:Description>Device type the client is using to access the application</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" Optional="true">
+ <auth:DisplayName>Client IP</auth:DisplayName>
+ <auth:Description>IP address of the client</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" Optional="true">
+ <auth:DisplayName>Endpoint Path</auth:DisplayName>
+ <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" Optional="true">
+ <auth:DisplayName>Proxy</auth:DisplayName>
+ <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" Optional="true">
+ <auth:DisplayName>Application Identifier</auth:DisplayName>
+ <auth:Description>Identifier for the Relying Party</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" Optional="true">
+ <auth:DisplayName>Application policies</auth:DisplayName>
+ <auth:Description>Application policies of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" Optional="true">
+ <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
+ <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" Optional="true">
+ <auth:DisplayName>Basic Constraint</auth:DisplayName>
+ <auth:Description>One of the basic constraints of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" Optional="true">
+ <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
+ <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" Optional="true">
+ <auth:DisplayName>Issuer</auth:DisplayName>
+ <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" Optional="true">
+ <auth:DisplayName>Issuer Name</auth:DisplayName>
+ <auth:Description>The distinguished name of the certificate issuer</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" Optional="true">
+ <auth:DisplayName>Key Usage</auth:DisplayName>
+ <auth:Description>One of the key usages of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" Optional="true">
+ <auth:DisplayName>Not After</auth:DisplayName>
+ <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" Optional="true">
+ <auth:DisplayName>Not Before</auth:DisplayName>
+ <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" Optional="true">
+ <auth:DisplayName>Certificate Policies</auth:DisplayName>
+ <auth:Description>The policies under which the certificate has been issued</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" Optional="true">
+ <auth:DisplayName>Public Key</auth:DisplayName>
+ <auth:Description>Public Key of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" Optional="true">
+ <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
+ <auth:Description>The raw data of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" Optional="true">
+ <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
+ <auth:Description>One of the alternative names of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" Optional="true">
+ <auth:DisplayName>Serial Number</auth:DisplayName>
+ <auth:Description>The serial number of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" Optional="true">
+ <auth:DisplayName>Signature Algorithm</auth:DisplayName>
+ <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" Optional="true">
+ <auth:DisplayName>Subject</auth:DisplayName>
+ <auth:Description>The subject from the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" Optional="true">
+ <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
+ <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" Optional="true">
+ <auth:DisplayName>Subject Name</auth:DisplayName>
+ <auth:Description>The subject distinguished name from a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" Optional="true">
+ <auth:DisplayName>V2 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" Optional="true">
+ <auth:DisplayName>V1 Template Name</auth:DisplayName>
+ <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" Optional="true">
+ <auth:DisplayName>Thumbprint</auth:DisplayName>
+ <auth:Description>Thumbprint of the certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" Optional="true">
+ <auth:DisplayName>X.509 Version</auth:DisplayName>
+ <auth:Description>The X.509 format version of a certificate</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" Optional="true">
+ <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
+ <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" Optional="true">
+ <auth:DisplayName>Password Expiration Time</auth:DisplayName>
+ <auth:Description>Used to display the time when the password expires</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" Optional="true">
+ <auth:DisplayName>Password Expiration Days</auth:DisplayName>
+ <auth:Description>Used to display the number of days to password expiry</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" Optional="true">
+ <auth:DisplayName>Update Password URL</auth:DisplayName>
+ <auth:Description>Used to display the web address of update password service</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences" Optional="true">
+ <auth:DisplayName>Authentication Methods References</auth:DisplayName>
+ <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" Optional="true">
+ <auth:DisplayName>Client Request ID</auth:DisplayName>
+ <auth:Description>Identifier for a user session</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.2.752.29.4.13" Optional="true">
+ <auth:DisplayName>JU National civic registration number or code</auth:DisplayName>
+ <auth:Description>Swedish ”personnummer” or ”samordningsnummer” according to SKV 704 and SKV 707. 12 digits without hyphen.</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.2428.90.1.5" Optional="true">
+ <auth:DisplayName>JU norEduPersonNIN</auth:DisplayName>
+ <auth:Description>SWAMID personnummer 12 tecken</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.42" Optional="true">
+ <auth:DisplayName>JU givenName</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.5.4.4" Optional="true">
+ <auth:DisplayName>JU surName</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oasis:names:tc:SAML:attribute:assurance-certification" Optional="true">
+ <auth:DisplayName>JU Assurance-Certification</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" Optional="true">
+ <auth:DisplayName>JU orcid</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" Optional="true">
+ <auth:DisplayName>JU eduPersonAssurance</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:2.16.840.1.113730.3.1.241" Optional="true">
+ <auth:DisplayName>JU displayName</auth:DisplayName>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" Optional="true">
+ <auth:DisplayName>JU eduPersonTargetedID</auth:DisplayName>
+ </auth:ClaimType>
+ </fed:ClaimTypesOffered>
+ <fed:SecurityTokenServiceEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/services/trust/2005/certificatemixed</Address>
+ <Metadata>
+ <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <wsx:MetadataReference>
+ <Address xmlns="http://www.w3.org/2005/08/addressing">https://test.account.hj.se/adfs/services/trust/mex</Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </Metadata>
+ </Metadata>
+ </EndpointReference>
+ </fed:SecurityTokenServiceEndpoint>
+ <fed:PassiveRequestorEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://test.account.hj.se/adfs/ls/</Address>
+ </EndpointReference>
+ </fed:PassiveRequestorEndpoint>
+ </RoleDescriptor>
+ <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Jönköping University - Test för kontohantering</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Jönköping University - Account management test</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Denna applikation används som test för kontohantering.</mdui:Description>
+ <mdui:Description xml:lang="en">This service is used for account management test.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">http://ju.se/it-helpdesk/faq---manualer/mitt-anvandarkonto.html</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">http://ju.se/en/it-helpdesk/ju-faq---manuals/my-user-account.html</mdui:InformationURL>
+ <mdui:Logo height="21" width="187" xml:lang="sv">https://test.account.hj.se/logo.png</mdui:Logo>
+ <mdui:Logo height="21" width="187" xml:lang="en">https://test.account.hj.se/logo.png</mdui:Logo>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/" index="0" isDefault="true"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test.account.hj.se/adfs/ls/" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/" index="2"/>
+ </SPSSODescriptor>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC5jCCAc6gAwIBAgIQJ6LjjqEWcpJFTvVMSkHi1DANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDMwWhcNMTkxMjA5MTQzMDMwWjAvMS0wKwYDVQQDEyRBREZTIEVuY3J5cHRpb24gLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKeIg/zjQRwo2xTfCu1a+D51QeiD4FTJqsm0Avzhf/voxxhjbNWDa21QjezqpwgXEP7kVfXkEngzaW5wlraZdgZp44dkI0VnXAQ6U2XO0Rm3RX2ZOmYU5s23JwPeuYW5hHlSRpnLvSjiPahSZzeRR4Z2HuVwPOFaxQHxio2LM8YrjeJfUrznjipA4s8PaYoPs7wGe79FNRzVarAyIlmEJRFmNgYmaAJNVQUkQ+iappvq7vlkeXhGbxFOhhpvX7BMaNSDl+c4hATObtYENTPelA5Aiu5yZ3oAgt6fudkND9HNQQn7RMGMHVeRx6X13wzAetbhOMZQlx/I1jkcixiUiLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADT+YOGXpr3WXIyZfZeQVZTaCFQcm05oxu4Uucc5rYfJTRxQSarYTc1KW94wemAbEFCOAJuwL8zxOcHnoghikBVZZ8uW1qG2Jw+Jo0uf6fbH1PljKMH2Xy2uZOUbyv262aLfZ0rTEr3rPL1SFCAUimcjhqE4Y2QcGol+gGYOk41wgKcW9zS0D7RnQLDBi6wInKjhHWiwVEnGgqwo3ieb0IWV070Aa2EhSWkprXgB6HmxK9uN/tAZcS8KqR3TQHEN8OuinSeGU9+37G9OC3GiAnYXk49S4FqlnY2HJt8CuN64eMYlvRRRtwQozVy/N2vGARRKP4uP5cKZJ2ELheMv38w=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQd01qp+Huh4lO3CS1QqGG4TANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwHhcNMTYxMjA5MTQzMDE3WhcNMTkxMjA5MTQzMDE3WjAsMSowKAYDVQQDEyFBREZTIFNpZ25pbmcgLSB0ZXN0LmFjY291bnQuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1slHrM4Dwv7INShxBAIyO2SPMZ4j7Cj1349drtFYr0b5xW4OYXrbZlsjvFPoH/JiDkxFP6YuHCGFod+NKQ59Jcm5pSAq3W3gAeNpVnCLj4cvHWTn+IuRPGfNRlz4GLDT5NV+L16gYvZOvfTmaVv8WaB6morLyG7iACg2RaZ4I5WsoLdzHTtR667kXXnzols27ebMEqBVJ1UHEUXzN+KLyFN0m1kxXWnWsFlJRM+79+L2j6DPCTpV3akDlSRAL6hAi2Z2SkVXe3J5yTkD06f/TK7wzbyIPWyWcrTYYTjaCLdS/1pu2bgsjYnsfaYhatHaYW8HxmueXEcpVPrGAb/yjAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGmJUmIkyZlvSxVPiyo/3n+UqTX4WQM9VwQ7b3gk1xKqte4kqg4P8GkhMDlovIMd3Kmb1k9G6Qt0SpAgVoW9pjDx0dalT5S7mYAMqnhPLGWxxyfh/glUAj7s1enD7etuLhK+to6FVzCcljdtnh5pvzXxyKJ1Xt77S0aQONobOKkMc5WLGxiFEpeunYFAiP1EyD2mJBObwJmBjEC83Jhd34e0AbW39glUoOrRdNXYML8FbvhJlwoQnbnDDEGGLaKn6VgbJV7WZ7aerYoFrRvHS7izkmArvnPytk3V0ZiW8Z+jXEW7tss0hfezXFz7CtzS8NtK4UijcZMPFhXl5CLEghc=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.account.hj.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.account.hj.se/adfs/ls/"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU National civic registration number or code"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU norEduPersonNIN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU givenName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU surName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU Assurance-Certification"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU orcid"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonAssurance"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU displayName"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="JU eduPersonTargetedID"/>
+ </IDPSSODescriptor>
+ <ContactPerson contactType="technical">
+ <GivenName>Joakim</GivenName>
+ <SurName>Danielsson</SurName>
+ <EmailAddress>joakim.danielsson@ju.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
diff --git a/swamid-2.0/video.nordu.net.xml b/swamid-2.0/video.nordu.net.xml
new file mode 100644
index 00000000..d7b19d20
--- /dev/null
+++ b/swamid-2.0/video.nordu.net.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://video.nordu.net">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">NORDUnet MediaSpace</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">NORDUnet MediaSpace</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Tjänst för NORDUnet video</mdui:Description>
+ <mdui:Description xml:lang="en">Service for video.nordu.net</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDkTCCAnmgAwIBAgIJAOK6B5mN4wdxMA0GCSqGSIb3DQEBCwUAMDkxCzAJBgNVBAYTAkRLMRMwEQYDVQQIEwpTb21lLVN0YXRlMRUwEwYDVQQKEwxOT1JEVW5ldCBBL1MwHhcNMTUwOTE0MTEyODE2WhcNMjUwOTEzMTEyODE2WjA5MQswCQYDVQQGEwJESzETMBEGA1UECBMKU29tZS1TdGF0ZTEVMBMGA1UEChMMTk9SRFVuZXQgQS9TMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPvotlyn9c6a/l16joFMoCBmoOjIBw9W+F/G8bug4Gn3M2UNJp27y/Wtj+FHs2xAjR2OsmiEukjjX/qAk/v089zKYOPdORYZB3Oq18EWf3w/JdA7pwiD+zGgqxkZ52NSD86c+6L/iIkQsxZR/U7o6V/m/Q8uvaWyYvcIh7gcmsMcvNn4IQU8fUEnPWVMFeZttu06y9/rz/px+OpwvNPJX4Q/ywE62XthOfkL+cUW8ew9JXKtmlNyxDssiUMvTqEdfHuQgwd6BtlAcL8qFw224YL/B5oZff7ZXy5XRkRNMPDCvee+1IVbkmXnpluNQlstm/NTmEwzQqFy+163mY7JewIDAQABo4GbMIGYMB0GA1UdDgQWBBRu5x77k1+Q2a63tohN2DMc+8tKJTBpBgNVHSMEYjBggBRu5x77k1+Q2a63tohN2DMc+8tKJaE9pDswOTELMAkGA1UEBhMCREsxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDE5PUkRVbmV0IEEvU4IJAOK6B5mN4wdxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALEtmyFQJvoaR1tu/cEch8bpzTSv04Wt38nk5sCHzz2ohwfUtHv/60jKVFkN1aDO4RiX7UhDo+mQ4prrKk3GWfOSz6R/e7oqgAkh27K4ZrDRlODiamuNmkTXcRLRG8mFuKGDw4ecZgShJEFfGDwoutn+Lk/A7aMDotISNTBYTPU4TseotinZW/rSZdjVmeC9mDFSQiwYvyjDae7ueaN19V1xm8qgfs5DgrtOkX36nvuwK/KUMGO78fJUTAxGSEPTMZwUg9vD9CBfPJGiDfTEkvTYdMQO3AgRvnulGtD88mLfhokHOXVZXLF8S1q+C40k6/kvHKcVooF5zkoIaCNFAOI=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDkTCCAnmgAwIBAgIJAOK6B5mN4wdxMA0GCSqGSIb3DQEBCwUAMDkxCzAJBgNVBAYTAkRLMRMwEQYDVQQIEwpTb21lLVN0YXRlMRUwEwYDVQQKEwxOT1JEVW5ldCBBL1MwHhcNMTUwOTE0MTEyODE2WhcNMjUwOTEzMTEyODE2WjA5MQswCQYDVQQGEwJESzETMBEGA1UECBMKU29tZS1TdGF0ZTEVMBMGA1UEChMMTk9SRFVuZXQgQS9TMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPvotlyn9c6a/l16joFMoCBmoOjIBw9W+F/G8bug4Gn3M2UNJp27y/Wtj+FHs2xAjR2OsmiEukjjX/qAk/v089zKYOPdORYZB3Oq18EWf3w/JdA7pwiD+zGgqxkZ52NSD86c+6L/iIkQsxZR/U7o6V/m/Q8uvaWyYvcIh7gcmsMcvNn4IQU8fUEnPWVMFeZttu06y9/rz/px+OpwvNPJX4Q/ywE62XthOfkL+cUW8ew9JXKtmlNyxDssiUMvTqEdfHuQgwd6BtlAcL8qFw224YL/B5oZff7ZXy5XRkRNMPDCvee+1IVbkmXnpluNQlstm/NTmEwzQqFy+163mY7JewIDAQABo4GbMIGYMB0GA1UdDgQWBBRu5x77k1+Q2a63tohN2DMc+8tKJTBpBgNVHSMEYjBggBRu5x77k1+Q2a63tohN2DMc+8tKJaE9pDswOTELMAkGA1UEBhMCREsxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDE5PUkRVbmV0IEEvU4IJAOK6B5mN4wdxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALEtmyFQJvoaR1tu/cEch8bpzTSv04Wt38nk5sCHzz2ohwfUtHv/60jKVFkN1aDO4RiX7UhDo+mQ4prrKk3GWfOSz6R/e7oqgAkh27K4ZrDRlODiamuNmkTXcRLRG8mFuKGDw4ecZgShJEFfGDwoutn+Lk/A7aMDotISNTBYTPU4TseotinZW/rSZdjVmeC9mDFSQiwYvyjDae7ueaN19V1xm8qgfs5DgrtOkX36nvuwK/KUMGO78fJUTAxGSEPTMZwUg9vD9CBfPJGiDfTEkvTYdMQO3AgRvnulGtD88mLfhokHOXVZXLF8S1q+C40k6/kvHKcVooF5zkoIaCNFAOI=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://video.nordu.net/user/logout"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://video.nordu.net/user/authenticate" index="0"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">NORDUnet MediaSpace</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">NORDUnet MediaSpace</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">https://video.nordu.net</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:SurName>NORDUnet</md:SurName>
+ <md:EmailAddress>mailto:kaltura@nordu.net</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/www.scalable-learning.com.xml b/swamid-2.0/www.scalable-learning.com.xml
index 13ef698f..51bdba8b 100644
--- a/swamid-2.0/www.scalable-learning.com.xml
+++ b/swamid-2.0/www.scalable-learning.com.xml
@@ -17,7 +17,7 @@
<mdui:Description xml:lang="sv">Plattform för stöd av "flipped classroom" utbildning.</mdui:Description>
<mdui:InformationURL xml:lang="en">http://www.scalable-learning.com/home/about</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="en">https://www.scalable-learning.com/#/privacy</mdui:PrivacyStatementURL>
- <mdui:Logo height="100" width="100">https://www.scalable-learning.com/assets/logo-a66e557f3f93b4d5195033ba1a1527a3.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="100" width="100">https://www.scalable-learning.com/assets/logo-a66e557f3f93b4d5195033ba1a1527a3.png</mdui:Logo>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>