diff options
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml | 119 | ||||
-rw-r--r-- | swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml | 10 | ||||
-rw-r--r-- | swamid-sp-2.0.mxml | 1 |
4 files changed, 126 insertions, 6 deletions
@@ -156,7 +156,7 @@ testGeantCoCo: testMDUI: @echo "Checking for bad lang codes" - @for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo " $$x: `echo $$bad_langs`" | sed 's/.*/[1;31m&[0m/' ; fi ; done + @for x in swamid-2.0/*.xml ; do bad_langs=`cat $$x | sed -n 's/.*xml:lang="\([^"]*\)".*/\1/p' | sort -u | grep -vxE 'cs|da|de|en|fi|fr|it|sv'` ; if [ -n "$$bad_langs" ] ; then echo " $$x: `echo $$bad_langs`" | sed 's/.*/[1;31m&[0m/' ; fi ; done | grep . && exit 1 || exit 0 @echo "Check for mismatch between MDUI DisplayName and OrganizationDisplayName" @for x in `find $(SRCDIRS) -name \*.xml | xargs grep -l IDPSSODescriptor` ; do for lang in `cat $$x | sed -n 's/.*xml:lang="\(..\)".*/\1/p' | sort -u` ; do mdui_displayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor//UIInfo/DisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` organizationdisplayname=`cat $$x | sed 's;\(</*\)[a-z0-9]*:;\1;g' | sed 's/xmlns="[^"]*"//' | xmllint --xpath "/EntityDescriptor/Organization/OrganizationDisplayName[@xml:lang='$$lang']" - 2>/dev/null | sed 's/^[ ]*//;s/[ ]*$$//' | tr -d '\n' | sed 's;<[^>]*>\([^<]*\)</[^>]*>;\1\n;g'` ; if [ -n "$$mdui_displayname" -a -n "$$organizationdisplayname" -a "$$mdui_displayname" != "$$organizationdisplayname" ] ; then echo "$$x: $$lang '$$mdui_displayname' vs $$lang '$$organizationdisplayname'" | sed 's/.*/[1;31m&[0m/'; fi ; done ; done | grep . && exit 1 || true @echo "Checking for uniq IdP MDUI DisplayName" diff --git a/swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml b/swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml new file mode 100644 index 00000000..038446f8 --- /dev/null +++ b/swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml @@ -0,0 +1,119 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://connect.eoppimispalvelut.fi/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/nren-service</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net" index="1"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/nordu.net" index="2"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/ds.sunet.se"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/ds.sunet.se" index="3"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/kalmar2"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/kalmar2" index="4"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/Login/feide"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/haka.funet.fi"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/DS/haka.funet.fi" index="5"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/Login/idp.funet.fi"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">Lapland E-Meeting Service</mdui:DisplayName> + <mdui:DisplayName xml:lang="fi">eOppimispalvelut E-Meeting Service</mdui:DisplayName> + <mdui:DisplayName xml:lang="sv">Lapland E-Meeting Service</mdui:DisplayName> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>connect.eoppimispalvelut.fi</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=connect.eoppimispalvelut.fi</ds:X509SubjectName> + <ds:X509Certificate>MIIFHzCCAwegAwIBAgIJAM/iGU5RC6ggMA0GCSqGSIb3DQEBCwUAMCYxJDAiBgNV +BAMMG2Nvbm5lY3QuZW9wcGltaXNwYWx2ZWx1dC5maTAeFw0xNzA3MTExNDA5MDVa +Fw0yNzA3MDkxNDA5MDVaMCYxJDAiBgNVBAMMG2Nvbm5lY3QuZW9wcGltaXNwYWx2 +ZWx1dC5maTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOrFJSEYwSrl +GAKy6EZ1ArvYntmfOYgwsEDBwyBb3lyJh6lo0kU7pny4DkvDOeUB8zz5iTWUSUab +j64n6Nh8sT3pMG/wd1KMKJHtiF7wA7/3mNXN5AmNLW6MC4VR5oQgjZV3Ja4de69j +2AU0+OqfKKYq5r6PQPR68AVb4Iek8/YnDMo/3iMQTzBNBAPeR7bbXITJffFFR9gl +z4KLlnsmLaNIyICszRcBBfN1aZdJZ4f+5kp6TDnspWdNo5SnksO+SNFyBSV83V0M +OMf5E9e2jSF1sGkdOiFzc6QxtL98bBUYg9NErr9X1MP1kSh7WT5WaE4LGfNFScf4 +4+T5qYCHrINB5QjB2cl5NBh9riN7RImL/RzCPyH3XaNft1RhN1TJ8nVpgVirgjNy +G1cbdFJeoqqfzlOOMwVAWCBJwiWUSr7voFsvxcHGFW/lp14czCb9cwrgT+Y37Wi2 +4vxyR9vQjd1+yojxltt3E3+8VkSCn5hR3/CuUHgwUoUgiu3yI9qrANQ/B/RsGJ5Z +mgqGoKkTb1mQbXjxvr7pxfneFbU/TnICFBmLhCJwNK6znjaZIiPZ0076FCSjgX0j +pWdgsRAcCYTABI/3UCG7MD+8Ysqh+WoXfO+W8KVmOgAjFxzSgn7P/MZdjAjba70O +G/40AM0eY5jkC7KLlKL9t6h18sE6l9/jAgMBAAGjUDBOMB0GA1UdDgQWBBTTFaPz +03n7WwFnxOlTBqWjf1KanjAfBgNVHSMEGDAWgBTTFaPz03n7WwFnxOlTBqWjf1Ka +njAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQB5ijNlpDR7DhwT7lMp +OvKvTtaYB+k8MJLLALxGRSgWjd7FVEa/lXBq8o45L25fHjyZkv419pr25a/rEWA+ +jjPGCYay+ivXdyrhrAE0ZlusCUi1cjEeRxL7t5B4qIBsUB2XAMuo2cNN9dTa6lkZ +HnzIiAru9C5FSUUskwcW5Tz9FRP1yzxMXVEEl0bWfEZeiOIXD0gQqMt00+427Bqm +q1zwwji4r7h+p6oJbEBNmCBV6IZ+9rpDHW+Cza61loIPGf8QwuLPBBFsWajBws7g +1WtiGmEv8Kr8u2zqNaQkwvuRE3hLjGch+TP+zESRDM7wjHNsx0YU123hPnwhKeHN +Z7Qx1MIBShQCagZdb/m+wHmuQ2Cwzh5cySdzTvhcJKka5XpdygXLFP2aOrRCc2Z0 +Xf8USeIYX4iLde56FvkfDYn7ATr7spbWotn8BJn3rWuK/Zsx8HMcOkqwGK03gUg3 +HDrUiFxeXBtdPGAlcbFoNPRVECfSkyzDL7RqvU/e/O7FDfNK8FYRNZ0SdCV/1ITZ +I695b+MfI3EQfDkg2j2/XOi+yyNfwgrkf4oAFNC31Cc2puXsfWb1pVIEmQG7ovfm +gAhzBP0snGc/6uQ8gK9u+l6PCRiuGBuWzN/uwlIxMdEdAJ9bEHVe06u5TGU0Hxvo +YsO5+6eqWfrGgcbrEy6s5qH2VA== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.eoppimispalvelut.fi/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">NORDUnet</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">NORDUnet A/S</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.nordu.net</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="administrative"> + <md:GivenName>Harri</md:GivenName> + <md:SurName>Kuusisto</md:SurName> + <md:EmailAddress>mailto:harri.kuusisto@csc.fi</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="technical"> + <md:Company>NORDUnet NOC</md:Company> + <md:EmailAddress>mailto:noc@nordu.net</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="support"> + <md:GivenName>Vesa</md:GivenName> + <md:SurName>Savolainen</md:SurName> + <md:EmailAddress>mailto:Vesa.Savolainen@csc.fi</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml b/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml index 781c72e6..b98eefc0 100644 --- a/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml +++ b/swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml @@ -664,9 +664,9 @@ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> - <mdui:DisplayName xml:lang="sv">Linköping University Test (ADFS)</mdui:DisplayName> + <mdui:DisplayName xml:lang="sv">Linköpings universitet Test (ADFS)</mdui:DisplayName> <mdui:DisplayName xml:lang="en">Linköping University Test (ADFS)</mdui:DisplayName> - <mdui:Description xml:lang="sv">Linköping University Test (ADFS)</mdui:Description> + <mdui:Description xml:lang="sv">Linköpings universityet Test (ADFS)</mdui:Description> <mdui:Description xml:lang="en">Linköping University Test (ADFS)</mdui:Description> <mdui:Keywords xml:lang="sv">LIU Linköping+University</mdui:Keywords> <mdui:Keywords xml:lang="en">LIU Linköping+University</mdui:Keywords> @@ -768,9 +768,9 @@ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://liu.se/claims/extensionAttribute8" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="extensionAttribute8"/> </IDPSSODescriptor> <Organization> - <OrganizationName xml:lang="sv-SE">Linköpings universitet</OrganizationName> - <OrganizationDisplayName xml:lang="sv-SE">Linköpings universitet</OrganizationDisplayName> - <OrganizationURL xml:lang="sv-SE">https://www.liu.se/</OrganizationURL> + <OrganizationName xml:lang="sv">Linköpings universitet</OrganizationName> + <OrganizationDisplayName xml:lang="sv">Linköpings universitet Test (ADFS)</OrganizationDisplayName> + <OrganizationURL xml:lang="sv">https://www.liu.se/</OrganizationURL> </Organization> <ContactPerson contactType="support"> <GivenName>Johan</GivenName> diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml index 021de365..a733ac46 100644 --- a/swamid-sp-2.0.mxml +++ b/swamid-sp-2.0.mxml @@ -658,4 +658,5 @@ <xi:include href="swamid-2.0/se.timeedit.net-ki.xml"/> <xi:include href="swamid-2.0/pptest.hj.se-Shibboleth-sso.xml"/> <xi:include href="swamid-2.0/pingpong.ju.se-Shibboleth-sso.xml"/> + <xi:include href="swamid-2.0/connect.eoppimispalvelut.fi-shibboleth.xml"/> </md:EntitiesDescriptor> |