diff options
Diffstat (limited to 'swamid-2.0')
-rw-r--r-- | swamid-2.0/mfa-check.swamid.se-shibboleth.xml | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/swamid-2.0/mfa-check.swamid.se-shibboleth.xml b/swamid-2.0/mfa-check.swamid.se-shibboleth.xml new file mode 100644 index 00000000..ea619db7 --- /dev/null +++ b/swamid-2.0/mfa-check.swamid.se-shibboleth.xml @@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +This is example metadata only. Do *NOT* supply it as is without review, +and do *NOT* provide it in real time to your partners. + --> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://mfa-check.swamid.se/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/nren-service</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nordu.net" index="1"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2" index="2"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/feide"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/haka.funet.fi"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/haka.funet.fi" index="3"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/idp.funet.fi"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/eduid-dev"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/eduid"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/unitedid"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/skolfederation"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/skolfederation" index="4"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2" index="5"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nightly.pyff.io"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nightly.pyff.io" index="6"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/md.nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/md.nordu.net" index="7"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/swamid-test"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/swamid-test" index="8"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/loopback"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/loopback" index="9"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/box-idp.sunet.se"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/box-idp.nordu.net"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/socialproxy"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/openidp"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/necs.sll.se"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">SWAMIDs MFA IdP-test</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">SWAMID MFA IdP certification tester</mdui:DisplayName> + <mdui:Description xml:lang="sv">Verktyg för att testa om en IdP har stöd för MFA</mdui:Description> + <mdui:Description xml:lang="en">MFA IdP certification testing tool</mdui:Description> + <mdui:InformationURL xml:lang="sv">http://www.sunet.se/swamid/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">https://www.sunet.se/about-sunet/</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>mfa-check.swamid.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=mfa-check.swamid.se</ds:X509SubjectName> + <ds:X509Certificate>MIIEADCCAmigAwIBAgIJAOFBwOSVzcRxMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV +BAMTE21mYS1jaGVjay5zd2FtaWQuc2UwHhcNMTgwMzE5MTUyNjU3WhcNMjgwMzE2 +MTUyNjU3WjAeMRwwGgYDVQQDExNtZmEtY2hlY2suc3dhbWlkLnNlMIIBojANBgkq +hkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxC1TObwn0hNG1n3ut5qRbFmkdBGS7KSZ +lGrw+eHiUrihLUiQe9953+JwludTIh0AAFcn++uttaxI7zXHqFv4AnmVbKmKPgWv +o3alW1DApZYLqyD48HEFtGvwhy/k5QbdPbc3eNzFyWyy4U9gJSHyojFk2ts+L6Eu +YmQ3XWUpzeUYgM6PjZZY3GKGlFGuMDs2oZVJPcldwge2DM7KBgUTLY+Oym1zLa3G +STHFNR1Etr987PtFyTkqv6nWXGb60aVm6iWVFYhpBNQucSIUFBmnWWoGCNag7C7L +I9NZBLqQbj9KL/C3ApPAXyIM0fvg8ddD/J8/o+RmUZlGJmc6fPBgwK8AfrbtOwQP +T4jy8UGDLcywkWOX1KlMkuHTVppwFLlO/W8SufrzkqgJ+ps8sOYFjQxBh+aOOp3M +XCcxYkZHSftzzTngiebHxDgb8ZIRCR/LYHOSd7pwtbfkBGrOLHi6vPr0uu1H9PGQ +WHSIVkfhaRZbKcRU9xlS67Iss496MEP3AgMBAAGjQTA/MB4GA1UdEQQXMBWCE21m +YS1jaGVjay5zd2FtaWQuc2UwHQYDVR0OBBYEFIHYrpNd2RpoMTQh42sHJ7pHlUmP +MA0GCSqGSIb3DQEBCwUAA4IBgQBCOZlfACODVvZHQ506qaxew/rqxsuffTe4HWjd +M1LLhi1lN3SXhnfi4eW+jQk6ROoj+8AsUzyimLXBK8CKo1iuYwBaJ0asPlwGEUC0 +TQfjE8RbclZkhtpI4knLJgQl5Di9qJB1VB3rLjM9HKXIgyzKDWGjLMMz4iGW/ZmC +vihMpqOjBDng82r0Qp1ZI3ByikJ49msIB5iQFyXZYNf8iHLoG5Sb2dK4DIKvOg2S +A1YIRBT+OwkFh3kL3qfQjSqK/uAkMLq6I2URzTa1Np8rlec4S0lISxHTlVg2L7WW +YPmMj/QXztnb6sjhjgGzt/9D5G3M3elIEkwLSU6YDeUaTauX0Ssj21ZnT5lOCqdC +SndOtwDgcsxXOoho8MsCRdPlMn/ROiMJwodbTakQKSbEXbg+XatbOw1AVmiUHgak +wLA3I1NYNdoyC1wPDgTiEZCIfhOuBttCA8jAUv9k5q1P1pQhqCp5FuzLKAudkeJ0 +hNW9Egqc9F3KxXMAxHb63SajnOY= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mfa-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mfa-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> +</md:EntityDescriptor> |