author | Paul Scott <paul.scott@kau.se> | 2015-04-21 13:14:48 +0200 |
---|---|---|
committer | Paul Scott <paul.scott@kau.se> | 2015-04-21 13:14:48 +0200 |
commit | 4c248feeafa5e058ba43593fc120694f6c079f48 (patch) | |
tree | 62b2fea615eb55f01f5ec660cf6efbd996a0559b /swamid-2.0 | |
parent | 006e51cfdcad6c4f94c6bb6ecc0aa268aa3768f8 (diff) |
Resolves SWAMIDOPS-7643 and SWAMIDOPS-7646
Diffstat (limited to 'swamid-2.0')
-rw-r--r-- | swamid-2.0/idp-test.suni.se-adfs-services-trust.xml | 117 | ||||
-rw-r--r-- | swamid-2.0/idptest.hj.se-idp-shibboleth.xml | 189 |
2 files changed, 306 insertions, 0 deletions
diff --git a/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml b/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml
new file mode 100644
index 00000000..6f8341e6
--- /dev/null
+++ b/swamid-2.0/idp-test.suni.se-adfs-services-trust.xml
@@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idp-test.suni.se/adfs/services/trust"> + <Extensions> + <shibmd:Scope regexp="false">suni.se</shibmd:Scope> + </Extensions> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <shibmd:Scope regexp="false">suni.se</shibmd:Scope> + </Extensions> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIEmzCCA4OgAwIBAgIRAPk+SXniS3T2At3wrsquxWEwDQYJKoZIhvcNAQELBQAwZDELMAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFtc3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMRgwFgYDVQQDEw9URVJFTkEgU1NMIENBIDIwHhcNMTUwNDIwMDAwMDAwWhcNMTgwNDE5MjM1OTU5WjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMTEGlkcC10ZXN0LnN1bmkuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrrCK7qc2FuRKTeSb4sUoKHR6R/o7WLS7ZHbxmcwhm1Vpmx3ToxSYo+nzo6y2Cc/UnJ6Nbtgiuwg/mVZCp1Fxryjke9o+278k0ze1SZn+SIEgQ6QS8v21gYiBiqRz9tafG8DVS/rjmhMpzxhDc2sYs+h2sZeFETJquybByNk76zEiFuhKPuzzz33dF117wRGhUcnCUi9bqEcMfDfTeN9UurF0ZNFoLwqlgfZfR5FKF8GHcbtdkdAVECLlcepKK2EtkImUA+oQcHBkUahWULupRPE1HWK4RoQsrxnwl7TASKkktiWIYYynQDk5S/yV4POHnpbAB5cNuzsKlej8uAWhNAgMBAAGjggFsMIIBaDAfBgNVHSMEGDAWgBRb0IocmjJb4LXdllQb4YYosP22vTAdBgNVHQ4EFgQUkQuXiO/x19n+Qo2nP0vTSyaWvd0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAh0wCAYGZ4EMAQIBMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9URVJFTkFTU0xDQTIuY3JsMGwGCCsGAQUFBwEBBGAwXjA1BggrBgEFBQcwAoYpaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1RFUkVOQVNTTENBMi5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wGwYDVR0RBBQwEoIQaWRwLXRlc3Quc3VuaS5zZTANBgkqhkiG9w0BAQsFAAOCAQEAKl0eOcXaD8QEjMgjMJ/VbIFjQcZjGToKD7nEOwwR3qqVkNVtdcLofe6wmZM1ZaWtdRZ+HL6bJpAAn2EWtdAb0m6QNrkHF9dsSeNZUn3M+UZptfUxjDspnH070Crhghdq2Q1KPr3YC1VNBaN7bOJUwAhx1mEork
3ZOYMlY8pnPUStDyi2p+LMgEVjDLjAEY+uuZL0fYUbdHuEMQ3c13APY7siDdOa8iGzk1NzxMINC5xpLSlWa+i6VtusuX4QumZVkB0n7Qm6JlU9D/Lp/MhzbvD5hKiy9Ii15XNrEJG4P0HY4GpTemNdx6fP5AeJ6NpahMiVbyTntNQJRpdPz28CDQ==</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>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</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-test.suni.se/adfs/services/trust/artifactresolution" index="0"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.suni.se/adfs/ls/"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.suni.se/adfs/ls/"/> + <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp-test.suni.se/adfs/ls/"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.suni.se/adfs/ls/"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.suni.se/adfs/ls/"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/> + 
<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" 
Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Registered User"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device Registration DisplayName"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS type"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Device OS Version"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Is Managed Device"/> + <Attribute 
xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Forwarded Client IP"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Application"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client User Agent"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client IP"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Endpoint Path"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Proxy"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Application policies"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" 
Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authority Key Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Basic Constraint"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Enhanced Key Usage"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Issuer Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Key Usage"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not After"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Not Before"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Policies"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Public Key"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Certificate Raw Data"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Alternative Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Serial Number"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Signature Algorithm"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Key Identifier"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Subject Name"/> + <Attribute 
xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V2 Template Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="V1 Template Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Thumbprint"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="X.509 Version"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Inside Corporate Network"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Time"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Password Expiration Days"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Update Password URL"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication Methods References"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Client Request ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Alternate Login ID"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumber"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/cn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonEntitlement" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Display Name"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/initials" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Initials"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" 
Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumberNotOld"/> + </IDPSSODescriptor> + <Organization> + <OrganizationName xml:lang="sv-SE">Södertörns högskola test</OrganizationName> + <OrganizationDisplayName xml:lang="sv-SE">Södertörns högskola test</OrganizationDisplayName> + <OrganizationURL xml:lang="sv-SE">http://www.sh.se/</OrganizationURL> + </Organization> + <ContactPerson contactType="support"> + <GivenName>Tomas</GivenName> + <SurName>Legat</SurName> + <EmailAddress>server@sh.se</EmailAddress> + <TelephoneNumber>08-6084000</TelephoneNumber> + </ContactPerson> +</EntityDescriptor> diff --git a/swamid-2.0/idptest.hj.se-idp-shibboleth.xml b/swamid-2.0/idptest.hj.se-idp-shibboleth.xml new file mode 100644 index 00000000..467dfccd --- /dev/null +++ b/swamid-2.0/idptest.hj.se-idp-shibboleth.xml 
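Review bot: The `<shibmd:Scope regexp="false">suni.se</shibmd:Scope>` entries (both `Extensions` blocks) give this test IdP authority over every scoped value in the organisation's domain, so relying parties that load the entity will treat `…@suni.se` identifiers from it like any other; if a production IdP shares that scope (not visible here), a dedicated test scope such as `test.suni.se` (constructed example) would keep the two apart. The `hj.se` scope in idptest.hj.se-idp-shibboleth.xml raises the same question. Separately, the first `SingleSignOnService` advertises `Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"` while `protocolSupportEnumeration` lists only `urn:oasis:names:tc:SAML:2.0:protocol`; unless `/adfs/ls/` really answers that legacy profile, that element should be dropped. The `Attribute` list looks like an unedited AD FS export and advertises identifiers such as `socialSecurityNumber` and `norEduPersonNIN`; trimming it to what this IdP actually releases would make the entry easier to audit.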
@@ -0,0 +1,189 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + This is example metadata only. Do *NOT* supply it as is without review, + and do *NOT* provide it in real time to your partners. + + This metadata is not dynamic - it will not change as your configuration changes. +--> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idptest.hj.se/idp/shibboleth"> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0"> + <Extensions> + <shibmd:Scope regexp="false">hj.se</shibmd:Scope> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="en">Jönköping University - idptest.hj.se</mdui:DisplayName> + <mdui:Description xml:lang="en">The Jönköping University Test Identity Provider is used only for testing purpose.</mdui:Description> + <mdui:Logo height="77" width="630">https://hj.se/webdav/images/system/gfx/logotype/hj-sv.png</mdui:Logo> + </mdui:UIInfo> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKFIv7gVqTHNlULQ46qEKD58wzelMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0JcJL1Nug5T8UD8/Nb6k/LaUkAHfbQx +zZib5ZFzhVJzrC71NdplxqqjV0Uy5Lj/vOkeYyXgyNc2EFhj0pj0X/Sc2fznfIXH +3ke9NAv1r0MtZwoFXsVqGxc4kx0hy4QS/kzvHSQovZBxgyfyY06abgY+7D/txBjS +QG7SlLEfIZpzLdkxmUbnkTJyGgAiCxoe3gpJVq2d1vNuFgIwffqoP6ZkbSBBGOuG +m1nmpX6oSCmWA9LYaIC18rvg2vv76FNvK8nU87rg551NQhFTfF/bJ0ZSMPCpnpKu +8ZS+oYyn2rigXtgnSyW1TmT1ZPgMyVHfTLTx7bIw+VmVmeIh/Z8HSQIDAQABo2Ew +XzAdBgNVHQ4EFgQUQi/yV1jr1dK8GUlZTkPuskw/ScswPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo 
+MA0GCSqGSIb3DQEBCwUAA4IBAQBCCoyJPTF+rktCgetDJcCH2ZHL1cg17BTSargD +GVRQcT43R6QtZkCeD4pr/gF6Iyo0TplAjOUZpLzN85u8igv1q1vaR2TfWLjQH+9P +nX13LjFqdcBghd/ygcdjAMIoPI2b0GOTW8rqwQkJG3J5dg6t+hU7nnqrCDwAIjY0 +es5fL7r15TdFgpglDgDuDdHr+wGyBj7NJtKwNIlwKdwLTfGuAlJMBikRPb7hXLeI +oSnwb0Y7P8GMDC7hOSUKZBsIgOScVzrKqsfxnIMryhBW1rFrrS1eDiF8j7lWq3Z9 ++Bnt4yQqMRjgHeLEVL5BcXpFNTzgMPOKxmIBjTDVdRamWisR + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKNEGfTEINJaenJtF9oWLLlzupllMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIwWhcN +MzUwNDE2MTIzNjIwWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhfM4vMv+UFT14W3zBcN8UvqxbyWyczA +ovbK4OVPSm1X0B3pwScCRCYblQ5VGUMsUAdK827G2O4D946Y2WuyR5uwsFInESPT +B63Le+D3r5ihnLi+v/t0/pWSoiIuu2Mgx/wOhYM26MEFoCkXQ1f97gNppj/2gt2D +HbjFU6wFcvZZiz43BCNaWkE02cKnKHAUSAyXAlOjuz+T+pQBliiJ1qcRvYgoB/ng +Ma08zT4L25W5KbmGbzOVsiZBgH+sO3fktnWq6vWdpnaLGPIIXdsfxc+5uNhWbSNB +1viQszQjCXry99HeYfPtgxk7bhIB0wqc36SUktv0MIa2dKqJ+0AGuwIDAQABo2Ew +XzAdBgNVHQ4EFgQUG60Igc1R9kXrlbvi2CykDagzKYkwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBMzr0ZurlrLXV6QPdqT6LtkowgiN2IgiT8sDJh +AhcreW3XOsy9xQNYIhP6I8DdW9Pf2mAzpcxrUFKyoDINA9tRBgFSDeaCTXYvCBFC +SiKFGpd+udtwex+/xsc63GBqbuQGml1jf7tvIq0+xctHYF5AqQ7MYvoUYf/oIkdJ +MeRl+c2mK/fmXHZRI75/gl1vm4+nnknDmZ5ztvjQQ/wMpiOCKgLoFIaa1r03/8hB +ns0GCnxNxrNO2Lt5H8B1OD4zjBree1+CTOvcU9Ysuid6j9Cg7tpWmjce5J1tzD2V +itinoey/bFoYxyBLSwl08bW2opR2DYjuhnaF5F7/8RW4gsSK + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAIUL/EqjvMGZNtChQE84MYUlxJwzMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN 
+MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5v0+aejzn3dgUYJFuZy0ZekCc4FocMe +WqZbOVnSVCynBA9ZTT9rER1rSlQdyXrTqA63BQhXdKoW2XNKQYFKJt9RjMrkcDXk +ErJDHZgvXQcXrAt674yh+qB9MEpumlx5Nq0Sd8h+6Ox5gB6mJ5MZoikxvcRc3ItA +OCAnByelpu4to3paFWTe2VBnsv2irdkL//WXWJak7rj9E50wGkPXvBJ5cst/47Id +blGvA9Quve4BgaKVKgrw0iVSqlid8Yut9HzmQWWD48Yd1d6MSUoX/jGPPZ0NehFL +ug+KnZ9feyvQIsD4SLWoOpeofLdvNH+f+gAZ5F+71w5koiBZsx0uoQIDAQABo2Ew +XzAdBgNVHQ4EFgQU8fcjL1jDHLtJ2+PIIpI8hDOSD2IwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQAszfhrL5sb0vZ722+bkywyKNR9KKU5gw6YWKpG +ew08pyP+N8KG5c+ZXlPMXJGIAhlL/Nj6/OPJSb4olQGuedUhx3ypJOi3/4zRpvdw +eYSDoIbuHf493UGBxvBX/546ODfzw4qoLToErPa1c1txjAcFg0n8B8TxjoWultNk +whJLHc+OZRI0wgiHjpMYCCHW4Ss/cW9fQse7biqV0logPliLkODDtoMGvo7jIebE +zSCKA8JHRGCGtdmzsBL18+rvZSkKNMLlgLRrPq0yGfs21cj5hlTcbf+v/lg6VDD+ +zsCvGvGHU2EK4J/5E7ZsmeCTJpIEV7omzhqn9oHee1PHKexJ + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idptest.hj.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idptest.hj.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> + <!-- + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idptest.hj.se/idp/profile/SAML2/Redirect/SLO"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idptest.hj.se/idp/profile/SAML2/POST/SLO"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idptest.hj.se:8443/idp/profile/SAML2/SOAP/SLO"/> + --> + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + 
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idptest.hj.se/idp/profile/Shibboleth/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idptest.hj.se/idp/profile/SAML2/POST/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idptest.hj.se/idp/profile/SAML2/Redirect/SSO"/> + </IDPSSODescriptor> + <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol"> + <Extensions> + <shibmd:Scope regexp="false">hj.se</shibmd:Scope> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKFIv7gVqTHNlULQ46qEKD58wzelMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0JcJL1Nug5T8UD8/Nb6k/LaUkAHfbQx +zZib5ZFzhVJzrC71NdplxqqjV0Uy5Lj/vOkeYyXgyNc2EFhj0pj0X/Sc2fznfIXH +3ke9NAv1r0MtZwoFXsVqGxc4kx0hy4QS/kzvHSQovZBxgyfyY06abgY+7D/txBjS +QG7SlLEfIZpzLdkxmUbnkTJyGgAiCxoe3gpJVq2d1vNuFgIwffqoP6ZkbSBBGOuG +m1nmpX6oSCmWA9LYaIC18rvg2vv76FNvK8nU87rg551NQhFTfF/bJ0ZSMPCpnpKu +8ZS+oYyn2rigXtgnSyW1TmT1ZPgMyVHfTLTx7bIw+VmVmeIh/Z8HSQIDAQABo2Ew +XzAdBgNVHQ4EFgQUQi/yV1jr1dK8GUlZTkPuskw/ScswPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBCCoyJPTF+rktCgetDJcCH2ZHL1cg17BTSargD +GVRQcT43R6QtZkCeD4pr/gF6Iyo0TplAjOUZpLzN85u8igv1q1vaR2TfWLjQH+9P +nX13LjFqdcBghd/ygcdjAMIoPI2b0GOTW8rqwQkJG3J5dg6t+hU7nnqrCDwAIjY0 +es5fL7r15TdFgpglDgDuDdHr+wGyBj7NJtKwNIlwKdwLTfGuAlJMBikRPb7hXLeI +oSnwb0Y7P8GMDC7hOSUKZBsIgOScVzrKqsfxnIMryhBW1rFrrS1eDiF8j7lWq3Z9 ++Bnt4yQqMRjgHeLEVL5BcXpFNTzgMPOKxmIBjTDVdRamWisR + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + 
<KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAKNEGfTEINJaenJtF9oWLLlzupllMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIwWhcN +MzUwNDE2MTIzNjIwWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhfM4vMv+UFT14W3zBcN8UvqxbyWyczA +ovbK4OVPSm1X0B3pwScCRCYblQ5VGUMsUAdK827G2O4D946Y2WuyR5uwsFInESPT +B63Le+D3r5ihnLi+v/t0/pWSoiIuu2Mgx/wOhYM26MEFoCkXQ1f97gNppj/2gt2D +HbjFU6wFcvZZiz43BCNaWkE02cKnKHAUSAyXAlOjuz+T+pQBliiJ1qcRvYgoB/ng +Ma08zT4L25W5KbmGbzOVsiZBgH+sO3fktnWq6vWdpnaLGPIIXdsfxc+5uNhWbSNB +1viQszQjCXry99HeYfPtgxk7bhIB0wqc36SUktv0MIa2dKqJ+0AGuwIDAQABo2Ew +XzAdBgNVHQ4EFgQUG60Igc1R9kXrlbvi2CykDagzKYkwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQBMzr0ZurlrLXV6QPdqT6LtkowgiN2IgiT8sDJh +AhcreW3XOsy9xQNYIhP6I8DdW9Pf2mAzpcxrUFKyoDINA9tRBgFSDeaCTXYvCBFC +SiKFGpd+udtwex+/xsc63GBqbuQGml1jf7tvIq0+xctHYF5AqQ7MYvoUYf/oIkdJ +MeRl+c2mK/fmXHZRI75/gl1vm4+nnknDmZ5ztvjQQ/wMpiOCKgLoFIaa1r03/8hB +ns0GCnxNxrNO2Lt5H8B1OD4zjBree1+CTOvcU9Ysuid6j9Cg7tpWmjce5J1tzD2V +itinoey/bFoYxyBLSwl08bW2opR2DYjuhnaF5F7/8RW4gsSK + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDIDCCAgigAwIBAgIVAIUL/EqjvMGZNtChQE84MYUlxJwzMA0GCSqGSIb3DQEB +CwUAMBgxFjAUBgNVBAMMDWlkcHRlc3QuaGouc2UwHhcNMTUwNDE2MTIzNjIxWhcN +MzUwNDE2MTIzNjIxWjAYMRYwFAYDVQQDDA1pZHB0ZXN0LmhqLnNlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5v0+aejzn3dgUYJFuZy0ZekCc4FocMe +WqZbOVnSVCynBA9ZTT9rER1rSlQdyXrTqA63BQhXdKoW2XNKQYFKJt9RjMrkcDXk +ErJDHZgvXQcXrAt674yh+qB9MEpumlx5Nq0Sd8h+6Ox5gB6mJ5MZoikxvcRc3ItA +OCAnByelpu4to3paFWTe2VBnsv2irdkL//WXWJak7rj9E50wGkPXvBJ5cst/47Id +blGvA9Quve4BgaKVKgrw0iVSqlid8Yut9HzmQWWD48Yd1d6MSUoX/jGPPZ0NehFL +ug+KnZ9feyvQIsD4SLWoOpeofLdvNH+f+gAZ5F+71w5koiBZsx0uoQIDAQABo2Ew 
+XzAdBgNVHQ4EFgQU8fcjL1jDHLtJ2+PIIpI8hDOSD2IwPgYDVR0RBDcwNYINaWRw +dGVzdC5oai5zZYYkaHR0cHM6Ly9pZHB0ZXN0LmhqLnNlL2lkcC9zaGliYm9sZXRo +MA0GCSqGSIb3DQEBCwUAA4IBAQAszfhrL5sb0vZ722+bkywyKNR9KKU5gw6YWKpG +ew08pyP+N8KG5c+ZXlPMXJGIAhlL/Nj6/OPJSb4olQGuedUhx3ypJOi3/4zRpvdw +eYSDoIbuHf493UGBxvBX/546ODfzw4qoLToErPa1c1txjAcFg0n8B8TxjoWultNk +whJLHc+OZRI0wgiHjpMYCCHW4Ss/cW9fQse7biqV0logPliLkODDtoMGvo7jIebE +zSCKA8JHRGCGtdmzsBL18+rvZSkKNMLlgLRrPq0yGfs21cj5hlTcbf+v/lg6VDD+ +zsCvGvGHU2EK4J/5E7ZsmeCTJpIEV7omzhqn9oHee1PHKexJ + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idptest.hj.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> + <!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idptest.hj.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> --> + <!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above --> + </AttributeAuthorityDescriptor> +</EntityDescriptor> |
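Review bot: The generator's header comment ("This is example metadata only. Do *NOT* supply it as is without review") is still at the top of the file, which suggests the Shibboleth-generated metadata was registered unedited. It still lists `urn:oasis:names:tc:SAML:1.1:protocol` and `urn:mace:shibboleth:1.0` in `protocolSupportEnumeration` and publishes SOAP endpoints on `idptest.hj.se:8443`; please confirm the back channel and the SAML 1 profiles are actually enabled and intended, and otherwise remove the `ArtifactResolutionService`/`AttributeService` elements and the `AttributeAuthorityDescriptor`. Unlike the first file, this entity has no `Organization` or `ContactPerson`, so nobody is named to reach when a key has to be rolled or the IdP misbehaves; adding at least a `<ContactPerson contactType="technical">` would close that gap.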