-rw-r--r-- | swamid-2.0/weblogin.test.uu.se-idp-shibboleth.xml | 86 |
1 files changed, 65 insertions, 21 deletions
diff --git a/swamid-2.0/weblogin.test.uu.se-idp-shibboleth.xml b/swamid-2.0/weblogin.test.uu.se-idp-shibboleth.xml
index 10d6414d..02388aa6 100644
--- a/swamid-2.0/weblogin.test.uu.se-idp-shibboleth.xml
+++ b/swamid-2.0/weblogin.test.uu.se-idp-shibboleth.xml
@@ -4,6 +4,17 @@
 <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
 <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy>
 </mdrpi:RegistrationInfo>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
+ <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue>
+ <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
+ </saml:Attribute>
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support">
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
 </md:Extensions>
 <IDPSSODescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
 <Extensions>
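Review bot: The two attributes inside the new `mdattr:EntityAttributes` block bind different prefixes (`saml:` and `samla:`) to the same namespace `urn:oasis:names:tc:SAML:2.0:assertion` and list `Name`/`NameFormat` in opposite order, which makes the block harder to compare against other entities in the feed; I would use `saml:` for both and put `Name` first. The `assurance-certification` values (al1, al2, sirtfi) are trust claims that relying parties may filter on, so a short comment recording where the approval for this TEST IdP is tracked would help later reviewers, for example `<!-- assurance/Sirtfi values: approved per <ticket or decision reference> -->`. Whether these values are meant to be edited by the entity owner or only by the registrar is not visible from this hunk.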
@@ -11,21 +22,35 @@
 <mdui:UIInfo>
 <mdui:DisplayName xml:lang="sv">Uppsala universitet TEST</mdui:DisplayName>
 <mdui:DisplayName xml:lang="en">Uppsala University TEST</mdui:DisplayName>
- <mdui:Description xml:lang="sv">Gemensam webbinloggning för anställda, studenter och övriga verksamma vid Uppsala universitet. TEST</mdui:Description>
- <mdui:Description xml:lang="en">The Uppsala University Identity Provider is used by employees and students at the university. TEST</mdui:Description>
+ <mdui:Description xml:lang="sv">Gemensam webbinloggning TEST för anställda, studenter och övriga verksamma vid Uppsala universitet.</mdui:Description>
+ <mdui:Description xml:lang="en">The Uppsala University TEST Identity Provider is used by employees and students at the university.</mdui:Description>
 <mdui:InformationURL xml:lang="sv">https://weblogin.test.uu.se</mdui:InformationURL>
 <mdui:InformationURL xml:lang="en">https://weblogin.test.uu.se/english.html</mdui:InformationURL>
 <mdui:Logo height="50" width="50">https://weblogin.test.uu.se/idp/images/logga-50.png</mdui:Logo>
 <mdui:Logo xml:lang="sv" height="50" width="50">https://weblogin.test.uu.se/idp/images/logga-50.png</mdui:Logo>
 <mdui:Logo xml:lang="en" height="50" width="50">https://weblogin.test.uu.se/idp/images/logga-50.png</mdui:Logo>
- <mdui:PrivacyStatementURL xml:lang="sv">https://weblogin.test.uu.se/</mdui:PrivacyStatementURL>
- <mdui:PrivacyStatementURL xml:lang="en">https://weblogin.test.uu.se/english.html</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://weblogin.test.uu.se/#2</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://weblogin.test.uu.se/english.html#2</mdui:PrivacyStatementURL>
 <mdui:Keywords xml:lang="sv">uppsala+universitet</mdui:Keywords>
 <mdui:Keywords xml:lang="en">uppsala+university</mdui:Keywords>
 </mdui:UIInfo>
+ <mdui:DiscoHints>
+ <mdui:DomainHint>uu.se</mdui:DomainHint>
+ <mdui:IPHint>130.238.0.0/18</mdui:IPHint>
+ <mdui:IPHint>130.238.64.0/19</mdui:IPHint>
+ <mdui:IPHint>130.238.128.0/17</mdui:IPHint>
+ <mdui:IPHint>130.242.96.0/20</mdui:IPHint>
+ <mdui:IPHint>130.243.128.0/17</mdui:IPHint>
+ <mdui:IPHint>212.25.130.0/24</mdui:IPHint>
+ <mdui:IPHint>212.25.144.0/21</mdui:IPHint>
+ <mdui:IPHint>2001:6b0:B::/48</mdui:IPHint>
+ <mdui:IPHint>2001:6b0:C::/48</mdui:IPHint>
+ <mdui:GeolocationHint>geo:59.857583,17.629500</mdui:GeolocationHint>
+ </mdui:DiscoHints>
 </Extensions>
+ <!-- First signing certificate is BackChannel, the Second is FrontChannel -->
 <KeyDescriptor use="signing">
- <ds:KeyInfo>
+ <ds:KeyInfo xmlns="">
 <ds:X509Data>
 <ds:X509Certificate>
 MIIDODCCAiCgAwIBAgIVALH78yF625WD24SZwiOcGOOvPZ27MA0GCSqGSIb3DQEB
@@ -46,12 +71,12 @@ z0XSLb/uZVeguusT0lBnVj/4ZChA4nd/JIkTP75XMKJ51b+TS9+i5sQLPVR4D/+e
 pFe422nJTV+yciVwKsuHmu3br2DEtgSSFWGilvGDdlfBAYtUDKG1DL2AVdI3ikZa
 kCyta/hzhS30XO24ZrWeaPKGQri48PsZufzaHcjcVw8IRY8HI226xFya7F8AbGZQ
 qK8gNoxLpQOHlY2i
- </ds:X509Certificate>
+ </ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 </KeyDescriptor>
 <KeyDescriptor use="signing">
- <ds:KeyInfo>
+ <ds:KeyInfo xmlns="">
 <ds:X509Data>
 <ds:X509Certificate>
 MIIDNzCCAh+gAwIBAgIUcIyPpnhtGppaMvJ1n+26SdVOQRkwDQYJKoZIhvcNAQEL
@@ -72,12 +97,12 @@ QHOEryJY6wvvI/zwpyOSkOSTt3qFQ3ZnS40wCs34wP/Hj6cHtkrl2OF0XA5M6yU4
 1kAk9gpaiX2Rhapn4W9V3p6CgpXthk+b8nwQeZ22KeG3ompceHJ/+nmS8G63pq56
 efRdH5xJNjTPu6mVHW9W+lW83i7mGlmMJAgl+qjTECSKXe9LcyYMsy6IphbVsDbX
 zMHQwjf5evdJ6lo=
- </ds:X509Certificate>
+ </ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 </KeyDescriptor>
 <KeyDescriptor use="encryption">
- <ds:KeyInfo>
+ <ds:KeyInfo xmlns="">
 <ds:X509Data>
 <ds:X509Certificate>
 MIIDODCCAiCgAwIBAgIVAKxjuWw/YZpjuyfHWcbrDOP8tYnkMA0GCSqGSIb3DQEB
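Review bot: The `xmlns=""` added to `<ds:KeyInfo>` undeclares the default namespace for a subtree in which every visible element is already `ds:`-prefixed, so it should not change how a conformant parser reads the keys and looks like a serializer artifact. The same attribute is added to the other `KeyInfo` elements in the following hunks and to `<shibmd:Scope xmlns="" regexp="false">` in the AttributeAuthorityDescriptor hunk. Because these elements carry the IdP's signing and encryption certificates and its scope, keeping them textually stable across revisions makes a real key or scope change easier to spot in review; I would keep `<ds:KeyInfo>` and `<shibmd:Scope regexp="false">` as they were. The KeyDescriptor body continues outside this hunk, so the certificate content itself is only partly visible here.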
@@ -98,7 +123,7 @@ Oktly7qvWX0Qrh0yYfHJaI/WPVxH4jI/1jDwa9Am/jJbOW/uy6s14zjXswi1ZKd0
 EPzW8pfIR9H1gDAU5hoLuGjWF7NIqmRCfYE6n9/oEZfET1dG3zUpBG2EacmZDv8o
 CIpvN4bSlO9wP5fnymBLt+DxfMdmN973aeU529su8I3uj3Q4qaDBk8zGTKFx82Ae
 dqPteAxhBzLEflg+
- </ds:X509Certificate>
+ </ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 </KeyDescriptor>
@@ -109,16 +134,18 @@ dqPteAxhBzLEflg+
 <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://weblogin.test.uu.se:8443/idp/profile/SAML2/SOAP/SLO"/>
 <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
 <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
 <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://weblogin.test.uu.se/idp/profile/Shibboleth/SSO"/>
 <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://weblogin.test.uu.se/idp/profile/SAML2/POST/SSO"/>
 <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://weblogin.test.uu.se/idp/profile/SAML2/Redirect/SSO"/>
 </IDPSSODescriptor>
 <AttributeAuthorityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
 <Extensions>
- <shibmd:Scope regexp="false">test.uu.se</shibmd:Scope>
+ <shibmd:Scope xmlns="" regexp="false">test.uu.se</shibmd:Scope>
 </Extensions>
+ <!-- First signing certificate is BackChannel, the Second is FrontChannel -->
 <KeyDescriptor use="signing">
- <ds:KeyInfo>
+ <ds:KeyInfo xmlns="">
 <ds:X509Data>
 <ds:X509Certificate>
 MIIDODCCAiCgAwIBAgIVALH78yF625WD24SZwiOcGOOvPZ27MA0GCSqGSIb3DQEB
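Review bot: The added `<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>` in IDPSSODescriptor (and again in AttributeAuthorityDescriptor in the last hunk) advertises a capability that this metadata alone cannot show the IdP has. Advertising it on the attribute authority implies that attribute queries keyed by a persistent NameID can be resolved, which presumably needs a stored rather than purely computed identifier on the IdP side; that is worth confirming before federation members rely on it. A short comment beside the new line stating that persistent NameIDs are per-SP (pairwise) values would also record the privacy expectation for later editors, for example `<!-- persistent = pairwise per SP; requires persistent-ID store on the IdP -->`.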
@@ -139,12 +166,12 @@ z0XSLb/uZVeguusT0lBnVj/4ZChA4nd/JIkTP75XMKJ51b+TS9+i5sQLPVR4D/+e
 pFe422nJTV+yciVwKsuHmu3br2DEtgSSFWGilvGDdlfBAYtUDKG1DL2AVdI3ikZa
 kCyta/hzhS30XO24ZrWeaPKGQri48PsZufzaHcjcVw8IRY8HI226xFya7F8AbGZQ
 qK8gNoxLpQOHlY2i
- </ds:X509Certificate>
+ </ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 </KeyDescriptor>
 <KeyDescriptor use="signing">
- <ds:KeyInfo>
+ <ds:KeyInfo xmlns="">
 <ds:X509Data>
 <ds:X509Certificate>
 MIIDNzCCAh+gAwIBAgIUcIyPpnhtGppaMvJ1n+26SdVOQRkwDQYJKoZIhvcNAQEL
@@ -165,12 +192,12 @@ QHOEryJY6wvvI/zwpyOSkOSTt3qFQ3ZnS40wCs34wP/Hj6cHtkrl2OF0XA5M6yU4
 1kAk9gpaiX2Rhapn4W9V3p6CgpXthk+b8nwQeZ22KeG3ompceHJ/+nmS8G63pq56
 efRdH5xJNjTPu6mVHW9W+lW83i7mGlmMJAgl+qjTECSKXe9LcyYMsy6IphbVsDbX
 zMHQwjf5evdJ6lo=
- </ds:X509Certificate>
+ </ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 </KeyDescriptor>
 <KeyDescriptor use="encryption">
- <ds:KeyInfo>
+ <ds:KeyInfo xmlns="">
 <ds:X509Data>
 <ds:X509Certificate>
 MIIDODCCAiCgAwIBAgIVAKxjuWw/YZpjuyfHWcbrDOP8tYnkMA0GCSqGSIb3DQEB
@@ -191,7 +218,7 @@ Oktly7qvWX0Qrh0yYfHJaI/WPVxH4jI/1jDwa9Am/jJbOW/uy6s14zjXswi1ZKd0
 EPzW8pfIR9H1gDAU5hoLuGjWF7NIqmRCfYE6n9/oEZfET1dG3zUpBG2EacmZDv8o
 CIpvN4bSlO9wP5fnymBLt+DxfMdmN973aeU529su8I3uj3Q4qaDBk8zGTKFx82Ae
 dqPteAxhBzLEflg+
- </ds:X509Certificate>
+ </ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 </KeyDescriptor>
@@ -199,15 +226,32 @@ dqPteAxhBzLEflg+
 <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://weblogin.test.uu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
 <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
 <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
 </AttributeAuthorityDescriptor>
 <Organization xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
- <OrganizationName xml:lang="en">Uppsala university</OrganizationName>
+ <OrganizationName xml:lang="sv">Uppsala universitet</OrganizationName>
+ <OrganizationName xml:lang="en">Uppsala University</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv">Uppsala universitet TEST</OrganizationDisplayName>
 <OrganizationDisplayName xml:lang="en">Uppsala University TEST</OrganizationDisplayName>
- <OrganizationURL xml:lang="en">http://www.uu.se</OrganizationURL>
+ <OrganizationURL xml:lang="sv">http://www.uu.se/</OrganizationURL>
+ <OrganizationURL xml:lang="en">http://www.uu.se/en/</OrganizationURL>
 </Organization>
+ <ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="administrative">
+ <Company>Uppsala universitet</Company>
+ <EmailAddress>mailto:drift@uadm.uu.se</EmailAddress>
+ </ContactPerson>
 <ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="technical">
 <Company>Uppsala universitet</Company>
- <SurName>AKKA SAML2</SurName>
- <EmailAddress>mailto:uadm-team_plattform@lists.uu.se</EmailAddress>
+ <EmailAddress>mailto:drift@uadm.uu.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="support">
+ <Company>Uppsala universitet</Company>
+ <EmailAddress>mailto:servicedesk@uu.se</EmailAddress>
+ <TelephoneNumber>+46184714400</TelephoneNumber>
+ </ContactPerson>
+ <ContactPerson xmlns:remd="http://refeds.org/metadata" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
+ <GivenName>Uppsala University Computer Security Incident Response Team</GivenName>
+ <EmailAddress>mailto:security@uu.se</EmailAddress>
+ <TelephoneNumber>+46184717560</TelephoneNumber>
 </ContactPerson>
 </md:EntityDescriptor> |
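Review bot: The new security `ContactPerson` (`remd:contactType="http://refeds.org/metadata/contactType/security"`) is what backs the `https://refeds.org/sirtfi` value asserted in `EntityAttributes` in the first hunk, but nothing in the file ties the two together, so a later edit could drop one without the other. I would add a comment above it such as `<!-- REFEDS security contact: must stay while https://refeds.org/sirtfi is asserted in EntityAttributes -->`. Separately, both new `OrganizationURL` values still use `http://`; since these links are shown to users in discovery and consent pages, `https://www.uu.se/` and `https://www.uu.se/en/` would be preferable if the site serves them, which this page does not show.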