diff options
-rw-r--r-- | swamid-2.0/idp.hh.se-idp-shibboleth.xml | 15 | ||||
-rw-r--r-- | swamid-2.0/idp3.sics.se-idp-shibboleth.xml | 197 | ||||
-rw-r--r-- | swamid-2.0/indico.uu.se-shibboleth.xml | 6 | ||||
-rw-r--r-- | swamid-idp-2.0.mxml | 1 | ||||
-rw-r--r-- | swamid-testing-idp-1.0.mxml | 2 | ||||
-rw-r--r-- | xslt/sign-luna-sha256.xsl | 4 |
6 files changed, 218 insertions, 7 deletions
diff --git a/swamid-2.0/idp.hh.se-idp-shibboleth.xml b/swamid-2.0/idp.hh.se-idp-shibboleth.xml index 424040df..e14150ac 100644 --- a/swamid-2.0/idp.hh.se-idp-shibboleth.xml +++ b/swamid-2.0/idp.hh.se-idp-shibboleth.xml @@ -1,12 +1,19 @@ <?xml version="1.0" encoding="UTF-8"?> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp.hh.se/idp/shibboleth"> + <Extensions> + <attr:EntityAttributes xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute"> + <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue> + </saml:Attribute> + </attr:EntityAttributes> + </Extensions> <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0"> <Extensions> <shibmd:Scope regexp="false">hh.se</shibmd:Scope> <mdui:UIInfo> - <mdui:DisplayName xml:lang="sv">Högskolan i Halmstad (ny v3)</mdui:DisplayName> + <mdui:DisplayName xml:lang="sv">Högskolan i Halmstad - new</mdui:DisplayName> <mdui:Description xml:lang="sv">Identity Provider för Högskolan i Halmstad</mdui:Description> - <mdui:DisplayName xml:lang="en">Halmstad University (new v3)</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Halmstad University - new</mdui:DisplayName> <mdui:Description xml:lang="en">Identity Provider for Halmstad University</mdui:Description> </mdui:UIInfo> </Extensions> @@ -176,8 +183,8 @@ YpNyRSuI6t4ZdyVTy4B2kXQtVfo= </AttributeAuthorityDescriptor> <Organization> <OrganizationName xml:lang="en">HH</OrganizationName> - <OrganizationDisplayName xml:lang="sv">Högskolan i Halmstad (ny v3)</OrganizationDisplayName> - <OrganizationDisplayName xml:lang="en">Halmstad University (new v3)</OrganizationDisplayName> + <OrganizationDisplayName xml:lang="sv">Högskolan i Halmstad - new</OrganizationDisplayName> + <OrganizationDisplayName xml:lang="en">Halmstad University - new</OrganizationDisplayName> <OrganizationURL xml:lang="en">http://www.hh.se</OrganizationURL> </Organization> <ContactPerson contactType="administrative"> diff --git a/swamid-2.0/idp3.sics.se-idp-shibboleth.xml b/swamid-2.0/idp3.sics.se-idp-shibboleth.xml new file mode 100644 index 00000000..43cdee30 --- /dev/null +++ b/swamid-2.0/idp3.sics.se-idp-shibboleth.xml @@ -0,0 +1,197 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp3.sics.se/idp/shibboleth"> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0"> + <Extensions> + <shibmd:Scope regexp="false">sics.se</shibmd:Scope> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="en">SICS new</mdui:DisplayName> + <mdui:DisplayName xml:lang="sv">SICS ny</mdui:DisplayName> + <mdui:Description xml:lang="en">Identity Provider for SICS</mdui:Description> + <mdui:Description xml:lang="sv">Identity Provider för SICS</mdui:Description> + <mdui:InformationURL xml:lang="sv">https://www.sics.se</mdui:InformationURL> + <mdui:Logo height="95" width="328">https://www.sics.se/logo.png</mdui:Logo> + </mdui:UIInfo> + <mdui:DiscoHints> + <mdui:DomainHint>sics.se</mdui:DomainHint> + <mdui:DomainHint>tii.se</mdui:DomainHint> + <mdui:IPHint>193.10.64.0/22</mdui:IPHint> + <mdui:IPHint>193.10.135.0/24</mdui:IPHint> + <mdui:IPHint>192.71.100.0/25</mdui:IPHint> + </mdui:DiscoHints> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDGzCCAgOgAwIBAgIUC8ZzxgX88gmX3pubdJieGlep18EwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMB4XDTE2MTEyODEzMjgzN1oXDTM2 +MTEyODEzMjgzN1owFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlezQ/dCnV44kDRGIcnGWu/Gzqhl0aI80CSDG +B8jdU1x5aZGJdJhOBO5FZfnWPFJ/14dYxrdS5rCOjMwYA7kRAidRaPxjcQ7Pstxi +mVO1FeBP9Kt0cHA/b5BDPF6g8gixiRdBELSAUS+GWEBAetgZR2er7QHtDSygsufA +hhJkt+LAL8XHtZevVcQQwzQk0ITOdSIK0PgoSxEz2+08PuSAl13XvG843/KB03H2 +NOaQZ8tXh+AIEZsGbVkFCGm+NaiJfhVkeTNKWXC8TdeEZgxtm5ecpiK1N/y9g1Ol +BxHMxhg+xNmNtVii8BkxL2FvpNm2S2wy4FYqA0oIz6vaa4BsewIDAQABo18wXTAd +BgNVHQ4EFgQUPWTubAomN3Z80fGId/8Rgca3x5UwPAYDVR0RBDUwM4IMaWRwMy5z +aWNzLnNlhiNodHRwczovL2lkcDMuc2ljcy5zZS9pZHAvc2hpYmJvbGV0aDANBgkq +hkiG9w0BAQsFAAOCAQEAjJKinRix2Pb7l0FSnvnTln8zZHznBillPTvhKRmo5Zv7 +s7XZcX2UmP3CExWJmqxknjuYN6HTrJd94bCMqd/MJsVL4v6ro4KPT/IHSsxoPDXk +tPi4xnXPnn6MdDbhp+O5jKvwB0lHSrn5TYZFdCPHReBeEF2eZi3vUP9s0m6O0wmx +qu+TZVdcmm1+GkRpaz764d8bdmxb29QF9x/TGb3Wd7q97UVe9wmnbJlg5rvqD6cu ++M0ouU0DvGSq9Q8MGs7QS0kbMFDfgU8ttt32G4C2if26pQ2M/NPFnNQxEahcq/JH +XjXWpnosUyFK8+P4sSS8WbkOjRMigBdgJ77/O9kgMg== + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDHDCCAgSgAwIBAgIVAIbk/AWyGuLfop0aIdvjRPUe+JD0MA0GCSqGSIb3DQEB +CwUAMBcxFTATBgNVBAMMDGlkcDMuc2ljcy5zZTAeFw0xNjExMjgxMzI4MzZaFw0z +NjExMjgxMzI4MzZaMBcxFTATBgNVBAMMDGlkcDMuc2ljcy5zZTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAKQl5AmQquwVSOgxLy0qTAXuE6SxpVzOzBnw +tZovDhAOzt1o53gJCErIkcNCkKJ2iF001w9h3BQhFgQappJQcBCBjkLoEErndqTB +OMjMMZD8veCOl9eRhOc+xtN67cehdcq4mjoPErBkz/QfqJ+R9csrmPbSsGrSgsM8 +Li8haFNBClYVes2TRTc8/BqA3Ox7c+FTRpwccq6P7f9pLLdy8IwcO909TPce7lnd +/ml0WIaJEa9drmLu7pq6IHHrjMaz9h83CfkalkHHg6iwqelXlB9YlF/F4QLRPYgy +6g3mApmG4IYlqCney2uOK9o21f+NGO6mPH3LKZRlC/bZW9wjybkCAwEAAaNfMF0w +HQYDVR0OBBYEFPu0PPX5wVA2Rh+P9Y92RYCeXcgMMDwGA1UdEQQ1MDOCDGlkcDMu +c2ljcy5zZYYjaHR0cHM6Ly9pZHAzLnNpY3Muc2UvaWRwL3NoaWJib2xldGgwDQYJ +KoZIhvcNAQELBQADggEBAGunL364OPOsc8fulz7iGtdzddv9Vbu7VPn0aL9oAtnR +Oyl3PqMTUV/9gew+JveBmWERQuIDq2WRnxOGbWuumTr2JhQwTRRRVM61NQB3GBEp +qii769ErnWDv/TzR5GkXDq5jj/LUnCLWcFaFAvNTmA0GqB3+FUCSh6vxWfFVOIQl +s8qm/RieXxph4QZYfB7uok4xW+j0pd7Pm6oLEzQEHWiCvboZqdd6kVW0toeUHTkr +HN309Sg8tYO0Q7Fm/aDKo8SWb362vdt2vaNPch9lPqKjrgBLG01N+SGsaBR0/2Pe +SBMOVf6ihadT7xpAkg5/54jKsGzzRVU/IQSAXZ2L4r8= + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDGzCCAgOgAwIBAgIULL1bBn84IXCkbt9QgtBGEkp2jUIwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMB4XDTE2MTEyODEzMjgzNloXDTM2 +MTEyODEzMjgzNlowFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6v4umDC42Fl4/E7AYKyLrSxs9e7R9G19/ys +x9iblYXS4M7aLx9T0jqXDQYa5vm8rTwGyGLiXxYLDIWlZ9iyByXC3QIbw4ykqJSz +N8Hk4ridBk4B6B/3vhJYO7oAdHJe/l9GEPzrHtJK9J9lcbgLsdTtvz+OZs0SywJr +v0N5carmnJeBstj2JFQx+/skAgEHxuBSe9mDMZQP7FqQ9cs+fTZ0txrdzhyx5ocp +9PoLRz9i4Te1hA4Em0KPkqp5kLALZhX0L87HgBLS+WN9qR/k/UNddokoZIxGtfdX +F7x+ryfFzCEzxXnZz+4ESU9met6sL3pLXX88qrmav83jzj4V+wIDAQABo18wXTAd +BgNVHQ4EFgQUxVp9OoGrl3HXINzLYRgGm2rsvRIwPAYDVR0RBDUwM4IMaWRwMy5z +aWNzLnNlhiNodHRwczovL2lkcDMuc2ljcy5zZS9pZHAvc2hpYmJvbGV0aDANBgkq +hkiG9w0BAQsFAAOCAQEAPi9sRmPW2DizezM7xU9aEwIp/0sOM0LHWp/K87MQ+1GZ +SAOCqLPw6EidwemfKIM8x6I0iOPNT6hnBLvdNqMQWZb7LmffWAp0+yg5QClRZBCu +snECvQvDp+te3eSg2dWrBz+adF0/7Zwz587EyIovAJWjuwVoSwvYshAxBS6DyydF +o78+dmpzJCtKj8gSMY197trQPbtTjJYkNtfzrpWWbz6jd5ThsGEw4fOz7PGmeqYP +CpX8lDxw16R2Cci/NOX9AYhtd+gDSQ9tcqqVLI+FLsplcTqzjaStBNnXulH/ufjy +RSPI3dYXTAE9qA5awk/PGw+gfj7d8mqBUfuSj+KU4A== + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp3.sics.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp3.sics.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp3.sics.se/idp/profile/Shibboleth/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp3.sics.se/idp/profile/SAML2/POST/SSO"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp3.sics.se/idp/profile/SAML2/Redirect/SSO"/> + </IDPSSODescriptor> + <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol"> + <Extensions> + <shibmd:Scope regexp="false">sics.se</shibmd:Scope> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDGzCCAgOgAwIBAgIUC8ZzxgX88gmX3pubdJieGlep18EwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMB4XDTE2MTEyODEzMjgzN1oXDTM2 +MTEyODEzMjgzN1owFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlezQ/dCnV44kDRGIcnGWu/Gzqhl0aI80CSDG +B8jdU1x5aZGJdJhOBO5FZfnWPFJ/14dYxrdS5rCOjMwYA7kRAidRaPxjcQ7Pstxi +mVO1FeBP9Kt0cHA/b5BDPF6g8gixiRdBELSAUS+GWEBAetgZR2er7QHtDSygsufA +hhJkt+LAL8XHtZevVcQQwzQk0ITOdSIK0PgoSxEz2+08PuSAl13XvG843/KB03H2 +NOaQZ8tXh+AIEZsGbVkFCGm+NaiJfhVkeTNKWXC8TdeEZgxtm5ecpiK1N/y9g1Ol +BxHMxhg+xNmNtVii8BkxL2FvpNm2S2wy4FYqA0oIz6vaa4BsewIDAQABo18wXTAd +BgNVHQ4EFgQUPWTubAomN3Z80fGId/8Rgca3x5UwPAYDVR0RBDUwM4IMaWRwMy5z +aWNzLnNlhiNodHRwczovL2lkcDMuc2ljcy5zZS9pZHAvc2hpYmJvbGV0aDANBgkq +hkiG9w0BAQsFAAOCAQEAjJKinRix2Pb7l0FSnvnTln8zZHznBillPTvhKRmo5Zv7 +s7XZcX2UmP3CExWJmqxknjuYN6HTrJd94bCMqd/MJsVL4v6ro4KPT/IHSsxoPDXk +tPi4xnXPnn6MdDbhp+O5jKvwB0lHSrn5TYZFdCPHReBeEF2eZi3vUP9s0m6O0wmx +qu+TZVdcmm1+GkRpaz764d8bdmxb29QF9x/TGb3Wd7q97UVe9wmnbJlg5rvqD6cu ++M0ouU0DvGSq9Q8MGs7QS0kbMFDfgU8ttt32G4C2if26pQ2M/NPFnNQxEahcq/JH +XjXWpnosUyFK8+P4sSS8WbkOjRMigBdgJ77/O9kgMg== + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDHDCCAgSgAwIBAgIVAIbk/AWyGuLfop0aIdvjRPUe+JD0MA0GCSqGSIb3DQEB +CwUAMBcxFTATBgNVBAMMDGlkcDMuc2ljcy5zZTAeFw0xNjExMjgxMzI4MzZaFw0z +NjExMjgxMzI4MzZaMBcxFTATBgNVBAMMDGlkcDMuc2ljcy5zZTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAKQl5AmQquwVSOgxLy0qTAXuE6SxpVzOzBnw +tZovDhAOzt1o53gJCErIkcNCkKJ2iF001w9h3BQhFgQappJQcBCBjkLoEErndqTB +OMjMMZD8veCOl9eRhOc+xtN67cehdcq4mjoPErBkz/QfqJ+R9csrmPbSsGrSgsM8 +Li8haFNBClYVes2TRTc8/BqA3Ox7c+FTRpwccq6P7f9pLLdy8IwcO909TPce7lnd +/ml0WIaJEa9drmLu7pq6IHHrjMaz9h83CfkalkHHg6iwqelXlB9YlF/F4QLRPYgy +6g3mApmG4IYlqCney2uOK9o21f+NGO6mPH3LKZRlC/bZW9wjybkCAwEAAaNfMF0w +HQYDVR0OBBYEFPu0PPX5wVA2Rh+P9Y92RYCeXcgMMDwGA1UdEQQ1MDOCDGlkcDMu +c2ljcy5zZYYjaHR0cHM6Ly9pZHAzLnNpY3Muc2UvaWRwL3NoaWJib2xldGgwDQYJ +KoZIhvcNAQELBQADggEBAGunL364OPOsc8fulz7iGtdzddv9Vbu7VPn0aL9oAtnR +Oyl3PqMTUV/9gew+JveBmWERQuIDq2WRnxOGbWuumTr2JhQwTRRRVM61NQB3GBEp +qii769ErnWDv/TzR5GkXDq5jj/LUnCLWcFaFAvNTmA0GqB3+FUCSh6vxWfFVOIQl +s8qm/RieXxph4QZYfB7uok4xW+j0pd7Pm6oLEzQEHWiCvboZqdd6kVW0toeUHTkr +HN309Sg8tYO0Q7Fm/aDKo8SWb362vdt2vaNPch9lPqKjrgBLG01N+SGsaBR0/2Pe +SBMOVf6ihadT7xpAkg5/54jKsGzzRVU/IQSAXZ2L4r8= + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDGzCCAgOgAwIBAgIULL1bBn84IXCkbt9QgtBGEkp2jUIwDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMB4XDTE2MTEyODEzMjgzNloXDTM2 +MTEyODEzMjgzNlowFzEVMBMGA1UEAwwMaWRwMy5zaWNzLnNlMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6v4umDC42Fl4/E7AYKyLrSxs9e7R9G19/ys +x9iblYXS4M7aLx9T0jqXDQYa5vm8rTwGyGLiXxYLDIWlZ9iyByXC3QIbw4ykqJSz +N8Hk4ridBk4B6B/3vhJYO7oAdHJe/l9GEPzrHtJK9J9lcbgLsdTtvz+OZs0SywJr +v0N5carmnJeBstj2JFQx+/skAgEHxuBSe9mDMZQP7FqQ9cs+fTZ0txrdzhyx5ocp +9PoLRz9i4Te1hA4Em0KPkqp5kLALZhX0L87HgBLS+WN9qR/k/UNddokoZIxGtfdX +F7x+ryfFzCEzxXnZz+4ESU9met6sL3pLXX88qrmav83jzj4V+wIDAQABo18wXTAd +BgNVHQ4EFgQUxVp9OoGrl3HXINzLYRgGm2rsvRIwPAYDVR0RBDUwM4IMaWRwMy5z +aWNzLnNlhiNodHRwczovL2lkcDMuc2ljcy5zZS9pZHAvc2hpYmJvbGV0aDANBgkq +hkiG9w0BAQsFAAOCAQEAPi9sRmPW2DizezM7xU9aEwIp/0sOM0LHWp/K87MQ+1GZ +SAOCqLPw6EidwemfKIM8x6I0iOPNT6hnBLvdNqMQWZb7LmffWAp0+yg5QClRZBCu +snECvQvDp+te3eSg2dWrBz+adF0/7Zwz587EyIovAJWjuwVoSwvYshAxBS6DyydF +o78+dmpzJCtKj8gSMY197trQPbtTjJYkNtfzrpWWbz6jd5ThsGEw4fOz7PGmeqYP +CpX8lDxw16R2Cci/NOX9AYhtd+gDSQ9tcqqVLI+FLsplcTqzjaStBNnXulH/ufjy +RSPI3dYXTAE9qA5awk/PGw+gfj7d8mqBUfuSj+KU4A== + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp3.sics.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> + </AttributeAuthorityDescriptor> + <Organization> + <OrganizationName xml:lang="en">SICS ny</OrganizationName> + <OrganizationDisplayName xml:lang="en">SICS new</OrganizationDisplayName> + <OrganizationDisplayName xml:lang="sv">SICS ny</OrganizationDisplayName> + <OrganizationURL xml:lang="en">https://www.sics.se</OrganizationURL> + </Organization> + <ContactPerson contactType="technical"> + <Company>SICS</Company> + <SurName>CRIT</SurName> + <EmailAddress>mailto:crit@sics.se</EmailAddress> + </ContactPerson> +</EntityDescriptor> diff --git a/swamid-2.0/indico.uu.se-shibboleth.xml b/swamid-2.0/indico.uu.se-shibboleth.xml index edfd8d97..596a7720 100644 --- a/swamid-2.0/indico.uu.se-shibboleth.xml +++ b/swamid-2.0/indico.uu.se-shibboleth.xml @@ -17,6 +17,12 @@ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> </md:Extensions> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> <md:Extensions> diff --git a/swamid-idp-2.0.mxml b/swamid-idp-2.0.mxml index cc66403e..0f2eeef9 100644 --- a/swamid-idp-2.0.mxml +++ b/swamid-idp-2.0.mxml @@ -16,4 +16,5 @@ <xi:include href="swamid-2.0/idp.suni.se-adfs-services-trust.xml"/> <xi:include href="swamid-2.0/idp2.rkh.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/idp3.hig.se-idp-shibboleth.xml"/> + <xi:include href="swamid-2.0/idp.hh.se-idp-shibboleth.xml"/> </md:EntitiesDescriptor> diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml index 9c243011..8d330423 100644 --- a/swamid-testing-idp-1.0.mxml +++ b/swamid-testing-idp-1.0.mxml @@ -44,7 +44,6 @@ <xi:include href="swamid-2.0/testidp.lu.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/idp2.bth.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/ladok3-00.ladok.umu.se-idp-shibboleth.xml"/> - <xi:include href="swamid-2.0/idp.hh.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/shibbo3test.ltu.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/miunidptest.miun.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/idp.uhr.se-idp-shibboleth.xml"/> @@ -61,4 +60,5 @@ <xi:include href="swamid-2.0/weblogin-test.kau.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/rikards-idp.omv.lu.se-idp-shibboleth.xml"/> <xi:include href="swamid-2.0/idp2.his.se-idp-shibboleth.xml"/> + <xi:include href="swamid-2.0/idp3.sics.se-idp-shibboleth.xml"/> </EntitiesDescriptor> diff --git a/xslt/sign-luna-sha256.xsl b/xslt/sign-luna-sha256.xsl index 36da52e9..293bb96d 100644 --- a/xslt/sign-luna-sha256.xsl +++ b/xslt/sign-luna-sha256.xsl @@ -18,14 +18,14 @@ <ds:Signature> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> - <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha256" /> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> <ds:Reference> <xsl:attribute name="URI"><xsl:text>#</xsl:text><xsl:value-of select="@ID"/></xsl:attribute> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha256" /> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> <ds:DigestValue></ds:DigestValue> </ds:Reference> </ds:SignedInfo> |