diff options
Diffstat (limited to 'swamid-2.0')
3 files changed, 63 insertions, 36 deletions
diff --git a/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml index 649ce5a2..cb7304f0 100644 --- a/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml +++ b/swamid-2.0/test3.release-check.swamid.se-shibboleth.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test3.release-check.swamid.se/shibboleth"> - <!-- Test with SP with EC = Code of Conduct from SWAMID IdP, part 1--> + <!-- Test with SP with EC = Code of Conduct from SWAMID SP, part 1--> <md:Extensions> <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> diff --git a/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml index 30d476aa..550f3da8 100644 --- a/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml +++ b/swamid-2.0/test4.release-check.swamid.se-shibboleth.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test4.release-check.swamid.se/shibboleth"> - <!-- Test with SP with EC = Code of Conduct from SWAMID IdP, part 2--> + <!-- Test with SP with EC = Code of Conduct from SWAMID SP, part 2--> <md:Extensions> <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> diff --git a/swamid-2.0/test5.release-check.swamid.se-shibboleth.xml b/swamid-2.0/test5.release-check.swamid.se-shibboleth.xml index 9fd8bd7f..b7ab2fe7 100644 --- a/swamid-2.0/test5.release-check.swamid.se-shibboleth.xml +++ b/swamid-2.0/test5.release-check.swamid.se-shibboleth.xml @@ -1,9 +1,26 @@ <?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://test5.release-check.swamid.se/shibboleth"> + <!-- Test with SP with EC = Code of Conduct from non SWAMID SP--> <md:Extensions> <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/loop"> - <mdrpi:RegistrationPolicy xml:lang="en">http://www.csc.fi/english/institutions/haka/instructions/join/eduGAINRegistrationStatement/</mdrpi:RegistrationPolicy> + <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> </mdrpi:RegistrationInfo> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue> @@ -12,25 +29,32 @@ </md:Extensions> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test5.release-check.swamid.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test5.release-check.swamid.se/Shibboleth.sso/Login" index="1"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test5.release-check.swamid.se/Shibboleth.sso/DS/nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test5.release-check.swamid.se/Shibboleth.sso/DS/nordu.net" index="2"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test5.release-check.swamid.se/Shibboleth.sso/DS/swamid-test"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test5.release-check.swamid.se/Shibboleth.sso/DS/swamid-test" index="3"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test5.release-check.swamid.se/Shibboleth.sso/DS/seamless-access"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://test5.release-check.swamid.se/Shibboleth.sso/DS/seamless-access" index="4"/> <mdui:UIInfo> + <mdui:DisplayName xml:lang="sv">SWAMID Entity Category Release Check - GÉANT CoCo del 3</mdui:DisplayName> <mdui:DisplayName xml:lang="en">SWAMID Entity Category Release Check - GÉANT CoCo part 3</mdui:DisplayName> - <mdui:DisplayName xml:lang="sv">SWAMID Entity Category Release Check - GÉANT CoCo del</mdui:DisplayName> - <mdui:DisplayName xml:lang="fi">SWAMID Entity Category Release Check - GÉANT CoCo part 3</mdui:DisplayName> - <mdui:Description xml:lang="fi">This is a test service for IdP administrators to test that they follow the SWAMID Best Current Practice for EC Attribute Release.</mdui:Description> - <mdui:Description xml:lang="sv">This is a test service for IdP administrators to test that they follow the SWAMID Best Current Practice for EC Attribute Release.</mdui:Description> - <mdui:Description xml:lang="en">This is a test service for IdP administrators to test that they follow the SWAMID Best Current Practice for EC Attribute Release.</mdui:Description> + <mdui:Description xml:lang="sv">Detta är en testtjänst avsedd för systemadministratörer med identitetsutgivare registrerade i SWAMID. Tjänsten testar om identitetsutfärdaren följer SWAMID Best Current Practice for Entity Category Attribute Release.</mdui:Description> + <mdui:Description xml:lang="en">This is a test service for Identity Provider administrators to test that they follow the SWAMID Best Current Practice for Entity Category Attribute Release.</mdui:Description> <mdui:Logo height="100" width="115">https://release-check.swamid.se/swamid-logo-2-100x115.png</mdui:Logo> - <mdui:InformationURL xml:lang="sv">https://release-check.swamid.se</mdui:InformationURL> - <mdui:InformationURL xml:lang="fi">https://release-check.swamid.se</mdui:InformationURL> - <mdui:InformationURL xml:lang="en">https://release-check.swamid.se</mdui:InformationURL> + <mdui:InformationURL xml:lang="sv">https://release-check.swamid.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">https://release-check.swamid.se/</mdui:InformationURL> <mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/SWAMID/Privacy+Policy+for+the+SWAMID+Identity+Provider+Test+Suite</mdui:PrivacyStatementURL> - <mdui:PrivacyStatementURL xml:lang="fi">https://wiki.sunet.se/display/SWAMID/Privacy+Policy+for+the+SWAMID+Identity+Provider+Test+Suite</mdui:PrivacyStatementURL> <mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/SWAMID/Privacy+Policy+for+the+SWAMID+Identity+Provider+Test+Suite</mdui:PrivacyStatementURL> + <mdui:Logo height="100" width="115">https://release-check.swamid.se/swamid-logo-2-100x115.png</mdui:Logo> </mdui:UIInfo> </md:Extensions> <md:KeyDescriptor use="signing"> <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUVLubTApZL2saWYLEDnANQ2IlVZwwDQYJKoZIhvcNAQEL BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMVoXDTI5 MTAxNDIwMjczMVowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG @@ -52,13 +76,16 @@ l7TbjEQN53ES6jlX+Rj/wLFRpCURcJRcoEIrBqVMmyyM+RegscFCbSqO1PVHCDbM lHGqMElLpJ1KSAA4y+4zfU4WbSno850PQlZ2KDEHbEsb/k7NI59D+0hUhNBfP2fc Ccma1I451Mf1ANzrFCniqUXbre5nqNGQHuVrtk7cMUYyt4bv8rCkYQP0J6a+HYw8 LoEDqj2cS1ZW7uhbCJrHuAkGGgBrd+l6OCiMVpqBC+AJT/zTeFHLSKXl/TuR/v1e -KK/Bciw51EZ7Ew==</ds:X509Certificate> +KK/Bciw51EZ7Ew== +</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo> + <ds:KeyName>3b2548e9acf6</ds:KeyName> <ds:X509Data> + <ds:X509SubjectName>CN=3b2548e9acf6</ds:X509SubjectName> <ds:X509Certificate>MIID9jCCAl6gAwIBAgIUAQvlKdIv0wTBgd8wnoQ4DMBVuv4wDQYJKoZIhvcNAQEL BQAwFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MB4XDTE5MTAxNzIwMjczMloXDTI5 MTAxNDIwMjczMlowFzEVMBMGA1UEAxMMM2IyNTQ4ZTlhY2Y2MIIBojANBgkqhkiG @@ -80,21 +107,31 @@ RgIJCBe+ZTO5ZyjP5SA/WA+R7/PTDJkcPnUEpXU3RrPkvxeO2i5ED+FDKn/qwTUi CJgz70bIWAPKvqbylF2/PGxnQplF4k5MOOPxgBQi7SN76TfwCj8yGDL9jHHLyeNC b/uFMt24uGhuR2Lj6EQSTjXr3MwyN8OI0mTMUsc4CZsWiKRUsAGZ+H9/2feChOUO 2xgD+4RpO5RQYVqnCOalXlyxlo1YvEc3KahBPwCwnXcWjdU7VJ7pcXfaQFb/uA8v -rtSd5rXgy930PQ==</ds:X509Certificate> +rtSd5rXgy930PQ== +</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test5.release-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SLO/SOAP"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SLO/Redirect"/> - <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> - <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1" isDefault="true"/> - <md:AttributeConsumingService index="1" isDefault="true"> - <md:ServiceName xml:lang="fi">Release-check for SWAMID</md:ServiceName> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test5.release-check.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AttributeConsumingService index="1"> <md:ServiceName xml:lang="en">Release-check for SWAMID</md:ServiceName> <md:ServiceName xml:lang="sv">Release-check for SWAMID</md:ServiceName> - <md:ServiceDescription xml:lang="fi">This is a test service for Identity Provider administrators to test that they follow the SWAMID Best Current Practice for Entity Category Attribute Release.</md:ServiceDescription> - <md:ServiceDescription xml:lang="en">This is a test service for Identity Provider administrators to test that they follow the SWAMID Best Current Practice for Entity Category Attribute Release.</md:ServiceDescription> - <md:ServiceDescription xml:lang="sv">Detta ar en testtjanst avsedd for systemadministratorer med identitetsutgivare registrerade i SWAMID. Tjansten testar om identitetsutfardaren foljer SWAMID Best Current Pr actice for Entity Category Attribute Release.</md:ServiceDescription> <md:RequestedAttribute FriendlyName="cn" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> @@ -107,22 +144,12 @@ rtSd5rXgy930PQ==</ds:X509Certificate> </md:AttributeConsumingService> </md:SPSSODescriptor> <md:Organization> - <md:OrganizationName xml:lang="fi">SWAMID</md:OrganizationName> - <md:OrganizationName xml:lang="en">Swedish Academic Identity Federation</md:OrganizationName> - <md:OrganizationName xml:lang="sv">SWAMID</md:OrganizationName> - <md:OrganizationDisplayName xml:lang="fi">SWAMID</md:OrganizationDisplayName> - <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation</md:OrganizationDisplayName> - <md:OrganizationDisplayName xml:lang="sv">SWAMID</md:OrganizationDisplayName> - <md:OrganizationURL xml:lang="fi">https://www.sunet.se/swamid/</md:OrganizationURL> - <md:OrganizationURL xml:lang="en">https://www.sunet.se/swamid/</md:OrganizationURL> - <md:OrganizationURL xml:lang="sv">https://www.sunet.se/swamid/</md:OrganizationURL> + <md:OrganizationName xml:lang="en">SWAMID</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="technical"> - <md:GivenName>SWAMID</md:GivenName> - <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress> - </md:ContactPerson> - <md:ContactPerson contactType="support"> - <md:GivenName>SWAMID</md:GivenName> + <md:Company>SWAMID</md:Company> <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor> |