diff options
-rw-r--r-- | swamid-2.0/sts.vinnova.se-adfs-services-trust.xml | 68 | ||||
-rw-r--r-- | swamid-2.0/verify.sunet.se-shibboleth.xml | 7 |
2 files changed, 44 insertions, 31 deletions
diff --git a/swamid-2.0/sts.vinnova.se-adfs-services-trust.xml b/swamid-2.0/sts.vinnova.se-adfs-services-trust.xml index 635ca8e9..28d4fc48 100644 --- a/swamid-2.0/sts.vinnova.se-adfs-services-trust.xml +++ b/swamid-2.0/sts.vinnova.se-adfs-services-trust.xml @@ -5,13 +5,13 @@ <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy> </mdrpi:RegistrationInfo> <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> - <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification"> - <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue> - <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue> - </saml:Attribute> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification"> + <samla:AttributeValue>http://www.swamid.se/policy/assurance/al1</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/policy/assurance/al2</samla:AttributeValue> + </samla:Attribute> </mdattr:EntityAttributes> </md:Extensions> - <IDPSSODescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" errorURL="https://error.swamid.se/?errorurl_code=ERRORURL_CODE&errorurl_ts=ERRORURL_TS&errorurl_rp=ERRORURL_RP&errorurl_tid=ERRORURL_TID&errorurl_ctx=ERRORURL_CTX&entityid=http://sts.vinnova.se/adfs/services/trust"> + <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" errorURL="https://error.swamid.se/?errorurl_code=ERRORURL_CODE&errorurl_ts=ERRORURL_TS&errorurl_rp=ERRORURL_RP&errorurl_tid=ERRORURL_TID&errorurl_ctx=ERRORURL_CTX&entityid=http://sts.vinnova.se/adfs/services/trust"> <md:Extensions> <shibmd:Scope regexp="false">vinnova.se</shibmd:Scope> <shibmd:Scope regexp="false">snsa.se</shibmd:Scope> @@ -26,35 +26,41 @@ <mdui:Description xml:lang="en">Swedish Governmental Agency for Innovations Systems</mdui:Description> <mdui:PrivacyStatementURL xml:lang="sv">https://www.vinnova.se/om-oss/regler-som-styr-var-verksamhet/personuppgifter/</mdui:PrivacyStatementURL> <mdui:PrivacyStatementURL xml:lang="en">https://www.vinnova.se/om-oss/regler-som-styr-var-verksamhet/personuppgifter/</mdui:PrivacyStatementURL> + <mdui:Logo xml:lang="en" height="24" width="217">https://www.vinnova.se/static/build/images/vinnova-complete-green.svg</mdui:Logo> + <mdui:Logo xml:lang="sv" height="24" width="217">https://www.vinnova.se/static/build/images/vinnova-complete-green.svg</mdui:Logo> + <mdui:InformationURL xml:lang="sv">https://www.vinnova.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">https://www.vinnova.se/en/</mdui:InformationURL> </mdui:UIInfo> </md:Extensions> - <KeyDescriptor use="encryption"> - <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> - <X509Data> - <X509Certificate>MIIC3jCCAcagAwIBAgIQXVP41p7xD59BxcZuDam4tDANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBzdHMudmlubm92YS5zZTAeFw0yMDA1MDEwOTIyMjhaFw0yNTA0MzAwOTIyMjhaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIHN0cy52aW5ub3ZhLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwU02FGyI5KYokv1qxeePYzq7BGb783il0eZQ+tkxcuc9GfXRZZELigLSWzJAt8d+ONzVqqv/28ogKyBrmyixq5hBC6wmB/oifElinMCpQ0DDbmkFQzzvILCF3xNbTbK84MEVVu/IrnkG56ncJCCMibC0XsLzeP+KErPGpFBr9iB8b4LnY6+xnb/aSiSVjSUtB+QpKf7LuyxIz8SrniMEdaP2uzqsgWw85xxWRL5AH6uitFPSEmOW9qbKfOR4KmXiSbAvoPhJqKFohAMNNte02JZcEVEUHr0S2gTaHz4UuRVl73qCZ48o9g9cqvlHz+TLYJzXpgcjqWuhcnYXe4ihQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAOfXkmgGb49TCIcfojmYVa4u8oauKt1ZoREpKai4QBuqM5/iyyfAdNnCLNRRKlZQjJm6hEhTLl9btuHYA1Uyi43SB9D9qOZBoaBDEo/CRX21Toiwjcw11ZwAwewUIIZKdEcFbXXy0lyHv4zdTAyMvXN7j2EptTSpGiiwts+qWNsRj47bIUBW6Nb3jj/nC6ElAfMbmczykVkZmuLnNwABlYmbjsNSjAyXfspJv4tPanoEUjqsTsKbLtBVyY3N2Nrw+vZYiD/9LtJBn/pBF6v4vMQ/hK1bIiF3FlU0/s/kvO+ODGXksnLj7rP/wGszfloEkgwzYOHOdjOmx0MoshiGud</X509Certificate> - </X509Data> - </KeyInfo> - </KeyDescriptor> - <KeyDescriptor use="signing"> - <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> - <X509Data> - <X509Certificate>MIIC2DCCAcCgAwIBAgIQJxv/rFkFU4lN9EP0v6MUtjANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBzdHMudmlubm92YS5zZTAeFw0yMDA1MDEwOTIyMDNaFw0yNTA0MzAwOTIyMDNaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIHN0cy52aW5ub3ZhLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13kcsCVdTndWKdE7dcmhspIRsv4airY2W/eL+h8pcmf6lps99ilYHeYVrww8ZRruzAd8JzFTo9QOW4/3GrC1Ur+ZUg0hyS8UTkL9mmwifUpcuc+JAX8yxQsDrAd5A140kHbu9wddPcYVN/sljeOBOQnaH6QoCB3MQo/Y2BBPecDUsitGxzuH3CWdknZAoj8kbMNon4H4jNw0muoMdFBPJv2Y/nup42j613QfcJmSbiBJotQgPX+4ofvNh2PUNwmC8p7qUr2H20hlchTf13HmSeHzFTpnr9mP3918VRz3UC6vX4FYtn8n5RhedSWV/qKE+y8c4j5dkWBAPE6gGjLwgwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCdBpwMMfrlmiN/JXdW8eBNAryk3alKMS9+mZP2TqMbpCfgzQOP8+YzIqIWH95rlSyw31i+zupbkL+3iHaKB5/LWLQBVsWaY83AxXqh52DH+llW2VNXtpIIBpSpoIK4B3r+CiXJY3G6AuYwj7gaztjinHbvYQmQx8lL+r8/oggWZTHdnJM3uJyf/za/1EgHPMwJMbPm1RMopb5plAwcWC4TTAngkQdffGnewkJxHb986vTeiNpnB0MHfWVIXXHxGORnUwQGiJd3eOSyhB0Dd7s54fWPcligyLjs4FOMLvFNh85ngLD3On3dOiESnI+wsAYNm8oGftbH8K6w3JDpiVn6</X509Certificate> - </X509Data> - </KeyInfo> - </KeyDescriptor> - <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sts.vinnova.se/adfs/ls/"/> - <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sts.vinnova.se/adfs/ls/"/> - <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> - <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> - <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> - <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sts.vinnova.se/adfs/ls/"/> - <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sts.vinnova.se/adfs/ls/"/> - </IDPSSODescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIC3jCCAcagAwIBAgIQXVP41p7xD59BxcZuDam4tDANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBzdHMudmlubm92YS5zZTAeFw0yMDA1MDEwOTIyMjhaFw0yNTA0MzAwOTIyMjhaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIHN0cy52aW5ub3ZhLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwU02FGyI5KYokv1qxeePYzq7BGb783il0eZQ+tkxcuc9GfXRZZELigLSWzJAt8d+ONzVqqv/28ogKyBrmyixq5hBC6wmB/oifElinMCpQ0DDbmkFQzzvILCF3xNbTbK84MEVVu/IrnkG56ncJCCMibC0XsLzeP+KErPGpFBr9iB8b4LnY6+xnb/aSiSVjSUtB+QpKf7LuyxIz8SrniMEdaP2uzqsgWw85xxWRL5AH6uitFPSEmOW9qbKfOR4KmXiSbAvoPhJqKFohAMNNte02JZcEVEUHr0S2gTaHz4UuRVl73qCZ48o9g9cqvlHz+TLYJzXpgcjqWuhcnYXe4ihQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAOfXkmgGb49TCIcfojmYVa4u8oauKt1ZoREpKai4QBuqM5/iyyfAdNnCLNRRKlZQjJm6hEhTLl9btuHYA1Uyi43SB9D9qOZBoaBDEo/CRX21Toiwjcw11ZwAwewUIIZKdEcFbXXy0lyHv4zdTAyMvXN7j2EptTSpGiiwts+qWNsRj47bIUBW6Nb3jj/nC6ElAfMbmczykVkZmuLnNwABlYmbjsNSjAyXfspJv4tPanoEUjqsTsKbLtBVyY3N2Nrw+vZYiD/9LtJBn/pBF6v4vMQ/hK1bIiF3FlU0/s/kvO+ODGXksnLj7rP/wGszfloEkgwzYOHOdjOmx0MoshiGud</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIC2DCCAcCgAwIBAgIQJxv/rFkFU4lN9EP0v6MUtjANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBzdHMudmlubm92YS5zZTAeFw0yMDA1MDEwOTIyMDNaFw0yNTA0MzAwOTIyMDNaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIHN0cy52aW5ub3ZhLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13kcsCVdTndWKdE7dcmhspIRsv4airY2W/eL+h8pcmf6lps99ilYHeYVrww8ZRruzAd8JzFTo9QOW4/3GrC1Ur+ZUg0hyS8UTkL9mmwifUpcuc+JAX8yxQsDrAd5A140kHbu9wddPcYVN/sljeOBOQnaH6QoCB3MQo/Y2BBPecDUsitGxzuH3CWdknZAoj8kbMNon4H4jNw0muoMdFBPJv2Y/nup42j613QfcJmSbiBJotQgPX+4ofvNh2PUNwmC8p7qUr2H20hlchTf13HmSeHzFTpnr9mP3918VRz3UC6vX4FYtn8n5RhedSWV/qKE+y8c4j5dkWBAPE6gGjLwgwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCdBpwMMfrlmiN/JXdW8eBNAryk3alKMS9+mZP2TqMbpCfgzQOP8+YzIqIWH95rlSyw31i+zupbkL+3iHaKB5/LWLQBVsWaY83AxXqh52DH+llW2VNXtpIIBpSpoIK4B3r+CiXJY3G6AuYwj7gaztjinHbvYQmQx8lL+r8/oggWZTHdnJM3uJyf/za/1EgHPMwJMbPm1RMopb5plAwcWC4TTAngkQdffGnewkJxHb986vTeiNpnB0MHfWVIXXHxGORnUwQGiJd3eOSyhB0Dd7s54fWPcligyLjs4FOMLvFNh85ngLD3On3dOiESnI+wsAYNm8oGftbH8K6w3JDpiVn6</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sts.vinnova.se/adfs/ls/"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sts.vinnova.se/adfs/ls/"/> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> + <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sts.vinnova.se/adfs/ls/"/> + <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sts.vinnova.se/adfs/ls/"/> + </md:IDPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en">Vinnova</md:OrganizationName> + <md:OrganizationName xml:lang="sv">Vinnova</md:OrganizationName> <md:OrganizationDisplayName xml:lang="sv">Vinnova</md:OrganizationDisplayName> <md:OrganizationDisplayName xml:lang="en">Vinnova</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en">https://www.vinnova.se/</md:OrganizationURL> + <md:OrganizationURL xml:lang="sv">https://www.vinnova.se/</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="administrative"> <md:Company>Vinnova</md:Company> @@ -71,8 +77,14 @@ <md:ContactPerson contactType="support"> <md:Company>Vinnova</md:Company> <md:GivenName>Fornamn</md:GivenName> - <md:SurName>IT Helpdesk</md:SurName> + <md:SurName>Efternamn</md:SurName> <md:EmailAddress>mailto:helpdesk@vinnova.se</md:EmailAddress> <md:TelephoneNumber>+46 8 473 32 99</md:TelephoneNumber> </md:ContactPerson> + <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security"> + <md:Company>Vinnova</md:Company> + <md:GivenName>Fornamn</md:GivenName> + <md:SurName>Efternamn</md:SurName> + <md:EmailAddress>mailto:admin@vinnova.se</md:EmailAddress> + </md:ContactPerson> </md:EntityDescriptor> diff --git a/swamid-2.0/verify.sunet.se-shibboleth.xml b/swamid-2.0/verify.sunet.se-shibboleth.xml index 70dabdee..9fca864f 100644 --- a/swamid-2.0/verify.sunet.se-shibboleth.xml +++ b/swamid-2.0/verify.sunet.se-shibboleth.xml @@ -22,7 +22,7 @@ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> - <samla:AttributeValue>https://refeds.org/category/personalized</samla:AttributeValue> + <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue> </samla:Attribute> </mdattr:EntityAttributes> </md:Extensions> @@ -41,8 +41,8 @@ <mdui:InformationURL xml:lang="sv">https://verify.sunet.se</mdui:InformationURL> <mdui:InformationURL xml:lang="en">https://verify.sunet.se</mdui:InformationURL> <mdui:Description xml:lang="sv">SUNET - användare verifiering</mdui:Description> - <mdui:PrivacyStatementURL xml:lang="en">https://verify.sunet.se</mdui:PrivacyStatementURL> - <mdui:PrivacyStatementURL xml:lang="sv">https://verify.sunet.se</mdui:PrivacyStatementURL> + <mdui:PrivacyStatementURL xml:lang="en">https://verify.sunet.se/?Privacy </mdui:PrivacyStatementURL> + <mdui:PrivacyStatementURL xml:lang="sv">https://verify.sunet.se/?Privacy </mdui:PrivacyStatementURL> </mdui:UIInfo> </md:Extensions> <md:KeyDescriptor use="signing"> @@ -143,6 +143,7 @@ oL2bH818Ft93Y/h4EFUtHZPG6PQB3dLchU/7yxJGq2+NQEmPEUS6VhHglyla5tUh <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> </md:AttributeConsumingService> </md:SPSSODescriptor> <md:Organization> |