diff options
Diffstat (limited to 'swamid-2.0/testidpv4.lu.se-idp-shibboleth.xml')
-rw-r--r-- | swamid-2.0/testidpv4.lu.se-idp-shibboleth.xml | 124 |
1 files changed, 65 insertions, 59 deletions
diff --git a/swamid-2.0/testidpv4.lu.se-idp-shibboleth.xml b/swamid-2.0/testidpv4.lu.se-idp-shibboleth.xml index 3ba3f532..5486810c 100644 --- a/swamid-2.0/testidpv4.lu.se-idp-shibboleth.xml +++ b/swamid-2.0/testidpv4.lu.se-idp-shibboleth.xml @@ -4,22 +4,22 @@ <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2020-04-21T08:31:10Z"> <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy> </mdrpi:RegistrationInfo> - <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute"> - <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> - <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue> - <saml:AttributeValue>http://www.swamid.se/policy/assurance/al2</saml:AttributeValue> - <saml:AttributeValue>http://www.swamid.se/policy/authentication/swamid-al2-mfa</saml:AttributeValue> - <saml:AttributeValue>http://www.swamid.se/policy/authentication/swamid-al2-mfa-hi</saml:AttributeValue> - <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue> - </saml:Attribute> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> + <samla:AttributeValue>http://www.swamid.se/policy/assurance/al1</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/policy/assurance/al2</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/policy/authentication/swamid-al2-mfa</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/policy/authentication/swamid-al2-mfa-hi</samla:AttributeValue> + <samla:AttributeValue>https://refeds.org/sirtfi</samla:AttributeValue> + </samla:Attribute> <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support"> <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue> <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue> </samla:Attribute> - </attr:EntityAttributes> + </mdattr:EntityAttributes> </md:Extensions> - <IDPSSODescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0" errorURL="https://error.swamid.se/?errorurl_code=ERRORURL_CODE&errorurl_ts=ERRORURL_TS&errorurl_rp=ERRORURL_RP&errorurl_tid=ERRORURL_TID&errorurl_ctx=ERRORURL_CTX&entityid=https://testidpv4.lu.se/idp/shibboleth"> - <Extensions> + <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0" errorURL="https://error.swamid.se/?errorurl_code=ERRORURL_CODE&errorurl_ts=ERRORURL_TS&errorurl_rp=ERRORURL_RP&errorurl_tid=ERRORURL_TID&errorurl_ctx=ERRORURL_CTX&entityid=https://testidpv4.lu.se/idp/shibboleth"> + <md:Extensions> <shibmd:Scope regexp="false">lu.se</shibmd:Scope> <mdui:UIInfo> <mdui:DisplayName xml:lang="sv">Lunds universitet (Test)</mdui:DisplayName> @@ -32,17 +32,19 @@ <mdui:Keywords xml:lang="en">lu lth</mdui:Keywords> <mdui:InformationURL xml:lang="sv">https://www.lu.se/</mdui:InformationURL> <mdui:InformationURL xml:lang="en">https://www.lunduniversity.lu.se/</mdui:InformationURL> - <mdui:PrivacyStatementURL xml:lang="sv">https://lucat.blogg.lu.se/att-anvanda-lu-konto/anvandarvillkor-personuppgifter/hantering-av-personuppgifter/</mdui:PrivacyStatementURL> - <mdui:PrivacyStatementURL xml:lang="en">https://lucat.blogg.lu.se/att-anvanda-lu-konto/anvandarvillkor-personuppgifter/policy-for-management-of-personal-data/</mdui:PrivacyStatementURL> + <mdui:PrivacyStatementURL xml:lang="sv">https://www.it.lu.se/fileadmin/user_upload/itlu/personuppgiftshantering.html</mdui:PrivacyStatementURL> + <mdui:PrivacyStatementURL xml:lang="en">https://www.it.lu.se/fileadmin/user_upload/itlu/personaldata.html</mdui:PrivacyStatementURL> + <mdui:Logo xml:lang="sv" height="121" width="146">https://testidpv4.lu.se/idp/images/mdui-logo-sv.png</mdui:Logo> + <mdui:Logo xml:lang="en" height="116" width="146">https://testidpv4.lu.se/idp/images/mdui-logo-en.png</mdui:Logo> </mdui:UIInfo> <mdui:DiscoHints> <mdui:DomainHint>lu.se</mdui:DomainHint> <mdui:DomainHint>lth.se</mdui:DomainHint> <mdui:IPHint>130.235.0.0/16</mdui:IPHint> </mdui:DiscoHints> - </Extensions> + </md:Extensions> <!-- First signing certificate is BackChannel --> - <KeyDescriptor use="signing"> + <md:KeyDescriptor use="signing"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> @@ -72,9 +74,9 @@ </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> - </KeyDescriptor> + </md:KeyDescriptor> <!-- Second signing certificate is FrontChannel --> - <KeyDescriptor use="signing"> + <md:KeyDescriptor use="signing"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> @@ -104,8 +106,8 @@ </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> - </KeyDescriptor> - <KeyDescriptor use="encryption"> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> @@ -135,21 +137,21 @@ </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> - </KeyDescriptor> - <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testidpv4.lu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> - <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidpv4.lu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> - <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testidpv4.lu.se/idp/profile/SAML2/Redirect/SLO"/> - <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testidpv4.lu.se/idp/profile/SAML2/POST/SLO"/> - <SingleSignOnService xmlns:req-attr="urn:oasis:names:tc:SAML:protocol:ext:req-attr" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" req-attr:supportsRequestedAttributes="true" Location="https://testidpv4.lu.se/idp/profile/SAML2/Redirect/SSO"/> - <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://testidpv4.lu.se/idp/profile/Shibboleth/SSO"/> - <SingleSignOnService xmlns:req-attr="urn:oasis:names:tc:SAML:protocol:ext:req-attr" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" req-attr:supportsRequestedAttributes="true" Location="https://testidpv4.lu.se/idp/profile/SAML2/POST/SSO"/> - </IDPSSODescriptor> - <AttributeAuthorityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol"> - <Extensions> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testidpv4.lu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidpv4.lu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testidpv4.lu.se/idp/profile/SAML2/Redirect/SLO"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testidpv4.lu.se/idp/profile/SAML2/POST/SLO"/> + <md:SingleSignOnService xmlns:ns1="urn:oasis:names:tc:SAML:protocol:ext:req-attr" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" ns1:supportsRequestedAttributes="true" Location="https://testidpv4.lu.se/idp/profile/SAML2/Redirect/SSO"/> + <md:SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://testidpv4.lu.se/idp/profile/Shibboleth/SSO"/> + <md:SingleSignOnService xmlns:ns1="urn:oasis:names:tc:SAML:protocol:ext:req-attr" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ns1:supportsRequestedAttributes="true" Location="https://testidpv4.lu.se/idp/profile/SAML2/POST/SSO"/> + </md:IDPSSODescriptor> + <md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol"> + <md:Extensions> <shibmd:Scope regexp="false">lu.se</shibmd:Scope> - </Extensions> + </md:Extensions> <!-- First signing certificate is BackChannel --> - <KeyDescriptor use="signing"> + <md:KeyDescriptor use="signing"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> @@ -179,9 +181,9 @@ </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> - </KeyDescriptor> + </md:KeyDescriptor> <!-- Second signing certificate is FrontChannel --> - <KeyDescriptor use="signing"> + <md:KeyDescriptor use="signing"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> @@ -211,8 +213,8 @@ </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> - </KeyDescriptor> - <KeyDescriptor use="encryption"> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> @@ -242,27 +244,31 @@ </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> - </KeyDescriptor> - <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidpv4.lu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> - </AttributeAuthorityDescriptor> - <Organization xmlns="urn:oasis:names:tc:SAML:2.0:metadata"> - <OrganizationName xml:lang="en">LU</OrganizationName> - <OrganizationDisplayName xml:lang="sv">Lunds universitet (Test)</OrganizationDisplayName> - <OrganizationDisplayName xml:lang="en">Lund University (Test)</OrganizationDisplayName> - <OrganizationURL xml:lang="en">http://www.lu.se/</OrganizationURL> - </Organization> - <ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="administrative"> - <GivenName>Eskil</GivenName> - <SurName>Swahn</SurName> - <EmailAddress>mailto:eskil.swahn@ldc.lu.se</EmailAddress> - </ContactPerson> - <ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="support"> - <SurName>LU Servicedesk</SurName> - <EmailAddress>mailto:servicedesk@lu.se</EmailAddress> - </ContactPerson> - <ContactPerson xmlns:remd="http://refeds.org/metadata" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security"> - <GivenName>IRT Lund University</GivenName> - <EmailAddress>mailto:abuse@lu.se</EmailAddress> - <TelephoneNumber>+46462229000</TelephoneNumber> - </ContactPerson> + </md:KeyDescriptor> + <md:AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidpv4.lu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> + </md:AttributeAuthorityDescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">Lund University</md:OrganizationName> + <md:OrganizationName xml:lang="sv">Lunds universitet</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="sv">Lunds universitet</md:OrganizationDisplayName> + <md:OrganizationDisplayName xml:lang="en">Lund University</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">https://www.lunduniversity.lu.se/</md:OrganizationURL> + <md:OrganizationURL xml:lang="sv">https://www.lu.se/</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="administrative"> + <md:GivenName>LU IdP administrators</md:GivenName> + <md:EmailAddress>mailto:idpadmin@epic.lu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="support"> + <md:GivenName>LU Servicedesk</md:GivenName> + <md:EmailAddress>mailto:servicedesk@lu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security"> + <md:GivenName>IRT Lund University</md:GivenName> + <md:EmailAddress>mailto:abuse@lu.se</md:EmailAddress> + </md:ContactPerson> + <md:ContactPerson contactType="technical"> + <md:GivenName>LU IdP administrators</md:GivenName> + <md:EmailAddress>mailto:idpadmin@epic.lu.se</md:EmailAddress> + </md:ContactPerson> </md:EntityDescriptor> |