diff options
Diffstat (limited to 'swamid-2.0')
-rw-r--r-- | swamid-2.0/ams.ki.se-shibboleth.xml | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/swamid-2.0/ams.ki.se-shibboleth.xml b/swamid-2.0/ams.ki.se-shibboleth.xml new file mode 100644 index 00000000..02312ed4 --- /dev/null +++ b/swamid-2.0/ams.ki.se-shibboleth.xml @@ -0,0 +1,126 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +2019-12-02 +Added on request from Uwe Bertram" <ubertram@a-tune.com> for access to login.ki.se + --> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://ams.ki.se/shibboleth"> + <md:Extensions> + <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/"> + <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy> + </mdrpi:RegistrationInfo> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ams.ki.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ams.ki.se/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo> + <mdui:DisplayName xml:lang="en">tick@lab ams.ki.se</mdui:DisplayName> + <mdui:Description xml:lang="en">tick@lab animal management system at Karolinska Institut</mdui:Description> + <mdui:InformationURL xml:lang="en">https://ams.ki.se</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor use="signing"> + <ds:KeyInfo> + <ds:KeyName>appserver</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=appserver</ds:X509SubjectName> + <ds:X509Certificate>MIID7TCCAlWgAwIBAgIUBanG747HpkO/0l8abGm6MvbQKs4wDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAxMJYXBwc2VydmVyMB4XDTE5MTEyMDEzMDczMFoXDTI5MTEx +NzEzMDczMFowFDESMBAGA1UEAxMJYXBwc2VydmVyMIIBojANBgkqhkiG9w0BAQEF +AAOCAY8AMIIBigKCAYEAwfY6Dnn0gv0DP2/E39TL0W08jxlhniJoIcqkUPTUCQVJ +gFlM+zjHGuRGOUp6rk5tJjgxT2vs1zH8MOkp6GCKdwgWUle0EoNi6fCnG5KQYljz +Cqovn86+aZEupr6cAsjUzPXRgKAkwiUR11z3DYA/eoYYsMJEyc0e+US/Ocnoj0SG +zAhtKEdGd8jy2NavHzy//79t2A38mduyHJSFUUFcuD7MerCkI0Ua8BgEoFTsn6EO +zR2fJBUlRK6f4rMjA1U20HTUdhtD3Gail5PYSnlHHyHKISQuwZVDjjCwYzL5/q3N +vsj+LLAwKeEpQk7e9MKIJ7ykNdn05q7Sr3PFPyt/+hqSmFvAcA5wJg1onHYMcOMM +vcfTWNT7msxsv7AuXuRMVi6GZlT53DkXGmghntAthx416c0HSCl/96K3aOf4VgEQ +IGf1yPa15gNsKl00gkZaPuAcY/F4QIfloyeciJhk6AKFBZ5s3+2M1CSfD3emspZ+ +8gV6ycufHqr9vaxbyGR9AgMBAAGjNzA1MBQGA1UdEQQNMAuCCWFwcHNlcnZlcjAd +BgNVHQ4EFgQUgxfJyeSWw3Wmysypwj7LTdAs5MkwDQYJKoZIhvcNAQELBQADggGB +AE4bcQUzI2Som7n+kalw8mkCldnLlgOsYl6lEk5eqlLSelYvRpLZDBlHGBC3GoAW +u1wNhF8+zoIYUVKOcd2vyqgwGbJlV3HOAqUkwqKeSKvRmvVVofsvM2xpz531DEr7 +ety+fkkneGbpKf4MKz1XPm2m1om1j6NDJ6QDZSuxU8emYgyG58+A8HTKCxkdvHN4 +dN0p8hkrqmL1Hy8ioNjEjS5b81XE4KyDtMdMciV5I7W4fNPEYMm7x6YZspB7bo+8 +RN2/L9wHrzWTxhfxHrrjSavl5Dym2WlR8wYYm7FzRCZK5rJau+Upu+3uasX4Mp7g +BugfJ5/+xi4xH8TsnsR784P/hTZmdt52AExhndn2CjYRnvltMCYTQGhHWW9xsfGX +YxuvDIxtG6N6kzJHyarzr6V779bAYRszEJAO+U8b8tNG7zVwcYMCqu88wSnx8g1/ +RyX5HLxqCIiFOMJCP80u/IpPU+ElfK2NhIuHco5DumQCnYGNTWvLyIsVwrMWTE+x +Hg== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:KeyDescriptor use="encryption"> + <ds:KeyInfo> + <ds:KeyName>appserver</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=appserver</ds:X509SubjectName> + <ds:X509Certificate>MIID7TCCAlWgAwIBAgIURDJZJytqktifIw5CDDEwCMzGxaswDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAxMJYXBwc2VydmVyMB4XDTE5MTEyMDEzMDcyOFoXDTI5MTEx +NzEzMDcyOFowFDESMBAGA1UEAxMJYXBwc2VydmVyMIIBojANBgkqhkiG9w0BAQEF +AAOCAY8AMIIBigKCAYEAvP25vb4JGRhMImygmYzbwAztxHue3bPGnh8eioM21XjK +i3tbAfU5O4Xqve8pxznujmQCLFbT3v+gIv7D+5xFPOrMIDbFxqQ4+E8Xa7nR0rbV +8LXpw/GthAAfEBj82TQmnrUEnDsL11ItBu2aOt5RYMY9sau9s63w61qjSvchFw3w +lN7a2AZK59zSIbfMP3bXFRRqSkjJjKL+unCAd+g9Vulq8n/QUFuleWmhgjI2CAnF +Q8OoxblCjJDNdWN5DtBafdoJ//OHEIdpWGzsvmI2/GEDGUeizU597enqr2bHp5HS +ZVV5bkoBb7ynGxWZiS6dsdz1ge02mVTssZhqvn48fl4S9slq775dIKzL/xNXwhRj +Z7Uky5vFOe+C4MJeX2/k5Ct+kSFN/NA8F1264d/jfJ5ZCvVj9gEsZy/TnhhffYmb +7G3pvV7S5hIZ58Cd9Ud+yGynsm1CkhIfquZidjst2RZl4wsdT0JYE9AoXoW8v3k4 +wgN9I01ilnrV916Hx/pJAgMBAAGjNzA1MBQGA1UdEQQNMAuCCWFwcHNlcnZlcjAd +BgNVHQ4EFgQUJtckvwdZPPjLNhpwYHxKTPmAQ3wwDQYJKoZIhvcNAQELBQADggGB +ACDm7T2XCppBQMmgZjZ+fXGHTuMsyYs2FRsM5gcR/DRJhsQc2zAq8nP6S0ZKhcOU +vUN25FXr5wILbJT98qXJtRgOmkf/Xk7o/qxUbt1suV8lQCZp2ih1MWKLBFA65i/c +y5sdM64T0WGCPxHOnWXegJHFpUpWxVnrwjSyOljqsqHt9TxJ0eF5f1UfzlAAnGqA +g3zwvM+zgoxT/1Ezbaf/AkcIXdbmgD2pRmASqLK/Giy8L2VKnkmzKQEg45VBv05W +FbqFY7JTeEUbcSALxjg0ZiM2ND//0tXWYJ2FeRNKhpaqwaRIgsl9lxhHBVey5kdw +RHbgTh9i5u8xWs7/B3Wnq75OOatbi4EP8n3D5m6IvLAyrPvq9V0SZLB+lQB1ODHK +c3u3xkHMpsbsKqM5xcHgnS4mgYYZFnnMvIQv+yr5Xod2wFiYB03cx7u5dZcGoPn+ +QLQvaIDlNzAaUbb6A5rzTn8r7IFTTE0uD4HZKuSsL598AH0u2uR9FPDMwQpokWSp +uA== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ams.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ams.ki.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ams.ki.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ams.ki.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ams.ki.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ams.ki.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ams.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ams.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/> + </md:SPSSODescriptor> + <md:ContactPerson contactType="technical"> + <md:EmailAddress>mailto:technicalsupport@a-tune.com</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> |