summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--swamid-2.0/luvit.education.lu.se-shibboleth.xml92
-rw-r--r--swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml49
-rw-r--r--swamid-sp-2.0.mxml1
3 files changed, 140 insertions, 2 deletions
diff --git a/swamid-2.0/luvit.education.lu.se-shibboleth.xml b/swamid-2.0/luvit.education.lu.se-shibboleth.xml
new file mode 100644
index 00000000..36cb1904
--- /dev/null
+++ b/swamid-2.0/luvit.education.lu.se-shibboleth.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://luvit.education.lu.se/shibboleth">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
+ </samla:Attribute>
+ </mdattr:EntityAttributes>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://luvit.education.lu.se/Shibboleth.sso/Login-lu"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://luvit.education.lu.se/Shibboleth.sso/Login-swamid" index="1"/>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="sv">Lunds universitet LUVIT</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="en">Lund University LUVIT</mdui:DisplayName>
+ <mdui:Description xml:lang="sv">Miljön är utformad för såväl kursdeltagare som utbildare och administratörer för att kunna skapa, hantera, få tillgång till, administrera och deltaga i nätbaserade kurser eller nätbaserade aktiviteter i blandade kurser.</mdui:Description>
+ <mdui:Description xml:lang="en">The environment is created for course participants as well as for educators and administrators in order to create, manage, overview, obtain, administrate and participate in online courses or in online course activities in mixed courses.</mdui:Description>
+ </mdui:UIInfo>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>uwap122.uw.lu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=uwap122.uw.lu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJALDUiCW01jNBMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHV3YXAxMjIudXcubHUuc2UwHhcNMTUwNjEyMDU1ODQ5WhcNMjUwNjA5MDU1
+ODQ5WjAbMRkwFwYDVQQDExB1d2FwMTIyLnV3Lmx1LnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAyIAAztvo5p1DLnAblJ7n2PVyA+zPuriChIeyguRF
+zHXXqWET0CrWeAmIHVS22WYT7cbVlnS0Y+82NOf0tJOaFO5EmTseozQzGHL5Dc4F
+dHFO92oo2YOLimXuuuTS8gCaTcbsFrKoLBcQHXCu8lHyMWE/zoRZJkqxRJCg0Mmu
+55jUaxUG5FSdw0kS5Td1GRALUEBzzvsS+LlLJEM7gK3cHs23qwng7mqiK2d/oSAR
+xzwHeaQqGFEBCKl3S4PHGweV8BdJVOeJzKSC7L7ND3BGWUqXq1j2XA2otRU2MZIc
+iHG0++I4ERw621OfYHduEqK7x9IcQVQWreCNEsTN3qkhFQIDAQABoz4wPDAbBgNV
+HREEFDASghB1d2FwMTIyLnV3Lmx1LnNlMB0GA1UdDgQWBBTuH02zf7l0oxRIzwqK
+RRDjwhC2ojANBgkqhkiG9w0BAQUFAAOCAQEAgiBlVk4LQDwbQ5skBi3tKk7FXK96
+yLiDgA4gR9XqD0Hq/l29Qzhya5mv3FBC9sgtV3ZJC9oH8H/jm4UuURg6iqKL7vmr
+wEGqG95E9xL2p6Jkcpi0CdjyUvkPcULlAKu/IRfRs/E1j/KtzacYEeQ3cDYD1d9F
+XvFIh3QzDURHqWL+ELZXMDSJYfjQe+7jP2w+Vu/TbF39otuREtJmYwcLOBxRvJYk
+6x3/BMwjSRXpDBttsVAClDS+Wm0A5jr5eCg7OoWNzdze74zGQpP4U7tWKZHT5bA4
+OTMXxdAawBca6aO1CpUMAwipgLVKJyNkmxV7+aPSdkp/U466LROEWhraZg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+ <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://luvit.education.lu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Sidika Basic</md:GivenName>
+ <md:EmailAddress>sidika.basic@ced.lu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml b/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml
index fbdc407e..1022aeef 100644
--- a/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml
+++ b/swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml
@@ -1,4 +1,28 @@
-<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://rkh.adfs-proxy-test.swamid.se/Saml2IDP/proxy.xml"><ns0:Extensions><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><ns1:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><ns1:SigningMethod Algorithm="http,//www.w3.org/2000/09/xmldsig#dsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><ns1:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></ns0:Extensions><ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor use="signing"><ns2:KeyInfo><ns2:X509Data><ns2:X509Certificate>MIIEBjCCAu6gAwIBAgIJANwxpCjfD5fLMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNV
+<?xml version="1.0" encoding="UTF-8"?>
+<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="https://rkh.adfs-proxy-test.swamid.se/Saml2IDP/proxy.xml">
+ <ns0:Extensions>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <ns1:SigningMethod Algorithm="http,//www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ </ns0:Extensions>
+ <ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor use="signing">
+ <ns2:KeyInfo>
+ <ns2:X509Data>
+ <ns2:X509Certificate>MIIEBjCCAu6gAwIBAgIJANwxpCjfD5fLMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxGDAWBgNVBAMTD2xva2kuaXRzLnVtdS5zZTAeFw0xNTEy
MTAxNDMzNTlaFw0yNTEyMDcxNDMzNTlaMF8xCzAJBgNVBAYTAkFVMRMwEQYDVQQI
@@ -20,4 +44,25 @@ XBJGBi+cuG4ggRZSvcmJLwJ1EpwWXNVekiIEQbW+mlwARLbM5N7btQRA3DWofbIx
JLn4HckD/n5dq5ueniyDqDgc2o1V2/G/zpEg90lIN7gsSOOqsbttMZFvGq3m+t3E
KxjpGx+7PhkGMf9zCVrXXztaqDyZjeNa/rpADj+kU6KudZ9eESvdppCBR0EiROm0
8xZOMdYU6Sc6SJVa/W48bqJsv95pCZM6joU=
-</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/post" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/redirect" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">RKH ADFS Test (IdP)</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="en">RKH ADFS Test</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">https://example.com</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>Technical</ns0:GivenName><ns0:EmailAddress>technical@example.com</ns0:EmailAddress></ns0:ContactPerson><ns0:ContactPerson contactType="support"><ns0:GivenName>Support</ns0:GivenName><ns0:EmailAddress>support@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor>
+</ns2:X509Certificate>
+ </ns2:X509Data>
+ </ns2:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat>
+ <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/post"/>
+ <ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs-proxy-test.swamid.se:10000/Saml2/sso/redirect"/>
+ </ns0:IDPSSODescriptor>
+ <ns0:Organization>
+ <ns0:OrganizationName xml:lang="en">RKH ADFS Test (IdP)</ns0:OrganizationName>
+ <ns0:OrganizationDisplayName xml:lang="en">RKH ADFS Test</ns0:OrganizationDisplayName>
+ <ns0:OrganizationURL xml:lang="en">https://example.com</ns0:OrganizationURL>
+ </ns0:Organization>
+ <ns0:ContactPerson contactType="technical">
+ <ns0:GivenName>Technical</ns0:GivenName>
+ <ns0:EmailAddress>technical@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+ <ns0:ContactPerson contactType="support">
+ <ns0:GivenName>Support</ns0:GivenName>
+ <ns0:EmailAddress>support@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+</ns0:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index cefeecea..7b3b57f9 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -491,4 +491,5 @@
<xi:include href="swamid-2.0/keystone.lab.cloud.ipnett.net-shibboleth.xml"/>
<xi:include href="swamid-2.0/rkh.adfs-proxy-test.swamid.se-saml2idp-proxy.xml"/>
<xi:include href="swamid-2.0/ni.sunet.se-saml2-metadata.xml"/>
+ <xi:include href="swamid-2.0/luvit.education.lu.se-shibboleth.xml"/>
</md:EntitiesDescriptor>