Diffstat (limited to 'swamid-2.0')
31 files changed, 1973 insertions, 374 deletions
diff --git a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
index ff9e0603..8c8992cf 100644
--- a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
@@ -611,6 +611,8 @@
 <mdui:DisplayName xml:lang="en">Röda Korsets Högskola</mdui:DisplayName>
 <mdui:Description xml:lang="sv">ADFS Röda Korsets Högskola</mdui:Description>
 <mdui:Description xml:lang="en">ADFS Röda Korsets Högskola</mdui:Description>
+ <mdui:Logo xml:lang="sv" height="80" width="80">https://dw.rkh.se/Logo.png</mdui:Logo>
+ <mdui:Logo xml:lang="en" height="80" width="80">https://dw.rkh.se/Logo.png</mdui:Logo>
 </mdui:UIInfo>
 </Extensions>
 <KeyDescriptor use="encryption">
diff --git a/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml b/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
new file mode 100644
index 00000000..fbe8d40b
--- /dev/null
+++ b/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
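Review bot: In the adfs.rkh.se hunk, the two added `mdui:Logo` elements carry the same URL for `sv` and `en`. Because `xml:lang` is optional on `mdui:Logo`, a single `<mdui:Logo height="80" width="80">https://dw.rkh.se/Logo.png</mdui:Logo>` would express a language-neutral logo without the duplication, unless the federation's tooling expects language-tagged logos. The URL is on dw.rkh.se rather than the entity's own adfs.rkh.se host, so a discovery or login page that loads the logo straight from that URL depends on that server staying reachable over HTTPS and continuing to serve the intended image. The declared 80x80 size cannot be checked from the diff and is worth confirming against the actual file before merge. The enclosing `mdui:UIInfo` element starts outside the hunk.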
@@ -0,0 +1,709 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://adfs.tad.hv.se/adfs/services/trust"> + <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceDisplayName="University West" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType"> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>MIIC3jCCAcagAwIBAgIQJUPVHNhj+JtCSmkUzj+l+TANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzUwMDNaFw0yMDEyMDIxMzUwMDNaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseBegVuR4rWwDh+u/358+9uUCp3D4ByUTlu8pAXGkwjMmgid/VnWoWbezvTMD4j7v/lRFP+HbotD4WNNvHjtIJ1klI07GqINL+Sh+muuPVmARumB4yISRJyCrAg0Y9BUP4U10uTK4pUciqtOy3WWOGmcnNH3oeMz9mkyzbn+l30aKFgubeCZk5ni7VRCWTW7pHs+n4laMYBgBWIOUamgfn1jbpi8j4MUA3Vt/Z3IW5UPp8tXuCM3cw5peQydvw0NYynk+lAhNyWupPQ/ckGS33AZZor3eYMnqgrz/h5QpMstpkpb5LGGoXlbS5CezjVqlRdLw/fuiW8IL0uj15hU6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAxz/0OiyG4GIHQjflw8fIXeZ6ciuKEC1gEwA4dyFnxNv/+F7hKD8l1aQwVVrYIjzUw1QjwlDsqXwEcxzFAE4xjcO7Luf0HpD3eR0edM4iDmR4yQPro0c7iguueaUWwpAL4Wxop+FsY8YLoz31qynXCQhZiEm45mwt73AzjW58rIyvLv52BgS5W1rw+3n4yjjxGXcNTcjXqTXNKKjGj/Q421hhTdqqlNQXNILZaeXi/qnI+8NE4Bfxo2NVMFUGN44CrcGqMXmgkpvmenwCCJ3uMiX1FLcfRiR49RcrtvnpcLh7z8u2ixbPDBzeXMv4qJddc4W6My6+nfSmtv3jYgijK</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <fed:ClaimTypesRequested> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"> + 
<auth:DisplayName>E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"> + <auth:DisplayName>Given Name</auth:DisplayName> + <auth:Description>The given name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"> + <auth:DisplayName>Name</auth:DisplayName> + <auth:Description>The unique name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"> + <auth:DisplayName>UPN</auth:DisplayName> + <auth:Description>The user principal name (UPN) of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/CommonName"> + <auth:DisplayName>Common Name</auth:DisplayName> + <auth:Description>The common name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/EmailAddress"> + <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/Group"> + <auth:DisplayName>Group</auth:DisplayName> + <auth:Description>A group that the user is a member of</auth:Description> + </auth:ClaimType> + 
<auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/UPN"> + <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName> + <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role"> + <auth:DisplayName>Role</auth:DisplayName> + <auth:Description>A role that the user has</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"> + <auth:DisplayName>Surname</auth:DisplayName> + <auth:Description>The surname of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier"> + <auth:DisplayName>PPID</auth:DisplayName> + <auth:Description>The private identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"> + <auth:DisplayName>Name ID</auth:DisplayName> + <auth:Description>The SAML name identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant"> + <auth:DisplayName>Authentication time stamp</auth:DisplayName> + <auth:Description>Used to display the time and date that the user was authenticated</auth:Description> + </auth:ClaimType> + <auth:ClaimType 
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod"> + <auth:DisplayName>Authentication method</auth:DisplayName> + <auth:Description>The method used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid"> + <auth:DisplayName>Deny only group SID</auth:DisplayName> + <auth:Description>The deny-only group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid"> + <auth:DisplayName>Deny only primary SID</auth:DisplayName> + <auth:Description>The deny-only primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid"> + <auth:DisplayName>Deny only primary group SID</auth:DisplayName> + <auth:Description>The deny-only primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid"> + <auth:DisplayName>Group SID</auth:DisplayName> + <auth:Description>The group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid"> + <auth:DisplayName>Primary group SID</auth:DisplayName> + <auth:Description>The primary group SID of the user</auth:Description> + </auth:ClaimType> + 
<auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"> + <auth:DisplayName>Primary SID</auth:DisplayName> + <auth:Description>The primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"> + <auth:DisplayName>Windows account name</auth:DisplayName> + <auth:Description>The domain account name of the user in the form of domain\user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser"> + <auth:DisplayName>Is Registered User</auth:DisplayName> + <auth:Description>User is registered to use this device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier"> + <auth:DisplayName>Device Identifier</auth:DisplayName> + <auth:Description>Identifier of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid"> + <auth:DisplayName>Device Registration Identifier</auth:DisplayName> + <auth:Description>Identifier for Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname"> + <auth:DisplayName>Device Registration DisplayName</auth:DisplayName> + <auth:Description>Display name of Device 
Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype"> + <auth:DisplayName>Device OS type</auth:DisplayName> + <auth:Description>OS type of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion"> + <auth:DisplayName>Device OS Version</auth:DisplayName> + <auth:Description>OS version of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged"> + <auth:DisplayName>Is Managed Device</auth:DisplayName> + <auth:Description>Device is managed by a management service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip"> + <auth:DisplayName>Forwarded Client IP</auth:DisplayName> + <auth:Description>IP address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application"> + <auth:DisplayName>Client Application</auth:DisplayName> + <auth:Description>Type of the Client Application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent"> + <auth:DisplayName>Client User Agent</auth:DisplayName> + <auth:Description>Device type the client is using to access the 
application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip"> + <auth:DisplayName>Client IP</auth:DisplayName> + <auth:Description>IP address of the client</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path"> + <auth:DisplayName>Endpoint Path</auth:DisplayName> + <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"> + <auth:DisplayName>Proxy</auth:DisplayName> + <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid"> + <auth:DisplayName>Application Identifier</auth:DisplayName> + <auth:Description>Identifier for the Relying Party</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy"> + <auth:DisplayName>Application policies</auth:DisplayName> + <auth:Description>Application policies of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier"> + 
<auth:DisplayName>Authority Key Identifier</auth:DisplayName> + <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints"> + <auth:DisplayName>Basic Constraint</auth:DisplayName> + <auth:Description>One of the basic constraints of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku"> + <auth:DisplayName>Enhanced Key Usage</auth:DisplayName> + <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer"> + <auth:DisplayName>Issuer</auth:DisplayName> + <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername"> + <auth:DisplayName>Issuer Name</auth:DisplayName> + <auth:Description>The distinguished name of the certificate issuer</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage"> + <auth:DisplayName>Key Usage</auth:DisplayName> + <auth:Description>One of the key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType 
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter"> + <auth:DisplayName>Not After</auth:DisplayName> + <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore"> + <auth:DisplayName>Not Before</auth:DisplayName> + <auth:Description>The date in local time on which a certificate becomes valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy"> + <auth:DisplayName>Certificate Policies</auth:DisplayName> + <auth:Description>The policies under which the certificate has been issued</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa"> + <auth:DisplayName>Public Key</auth:DisplayName> + <auth:Description>Public Key of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata"> + <auth:DisplayName>Certificate Raw Data</auth:DisplayName> + <auth:Description>The raw data of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san"> + <auth:DisplayName>Subject Alternative Name</auth:DisplayName> + <auth:Description>One of the alternative names of the 
certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber"> + <auth:DisplayName>Serial Number</auth:DisplayName> + <auth:Description>The serial number of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm"> + <auth:DisplayName>Signature Algorithm</auth:DisplayName> + <auth:Description>The algorithm used to create the signature of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject"> + <auth:DisplayName>Subject</auth:DisplayName> + <auth:Description>The subject from the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier"> + <auth:DisplayName>Subject Key Identifier</auth:DisplayName> + <auth:Description>Describes the subject key identifier of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname"> + <auth:DisplayName>Subject Name</auth:DisplayName> + <auth:Description>The subject distinguished name from a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation"> + 
<auth:DisplayName>V2 Template Name</auth:DisplayName> + <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename"> + <auth:DisplayName>V1 Template Name</auth:DisplayName> + <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint"> + <auth:DisplayName>Thumbprint</auth:DisplayName> + <auth:Description>Thumbprint of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version"> + <auth:DisplayName>X.509 Version</auth:DisplayName> + <auth:Description>The X.509 format version of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork"> + <auth:DisplayName>Inside Corporate Network</auth:DisplayName> + <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime"> + <auth:DisplayName>Password Expiration Time</auth:DisplayName> + <auth:Description>Used to display the time when the password 
expires</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays"> + <auth:DisplayName>Password Expiration Days</auth:DisplayName> + <auth:Description>Used to display the number of days to password expiry</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl"> + <auth:DisplayName>Update Password URL</auth:DisplayName> + <auth:Description>Used to display the web address of update password service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences"> + <auth:DisplayName>Authentication Methods References</auth:DisplayName> + <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id"> + <auth:DisplayName>Client Request ID</auth:DisplayName> + <auth:Description>Identifier for a user session</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid"> + <auth:DisplayName>Alternate Login ID</auth:DisplayName> + <auth:Description>Alternate login ID of the user</auth:Description> + </auth:ClaimType> + </fed:ClaimTypesRequested> + <fed:TargetScopes> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address> + </EndpointReference> 
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/ls/</Address> + </EndpointReference> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>http://adfs.tad.hv.se/adfs/services/trust</Address> + </EndpointReference> + </fed:TargetScopes> + <fed:ApplicationServiceEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address> + </EndpointReference> + </fed:ApplicationServiceEndpoint> + <fed:PassiveRequestorEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/ls/</Address> + </EndpointReference> + </fed:PassiveRequestorEndpoint> + </RoleDescriptor> + <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceDisplayName="University West" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType"> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>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</X509Certificate> + </X509Data> + </KeyInfo> + 
</KeyDescriptor> + <fed:TokenTypesOffered> + <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/> + <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/> + </fed:TokenTypesOffered> + <fed:ClaimTypesOffered> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"> + <auth:DisplayName>E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"> + <auth:DisplayName>Given Name</auth:DisplayName> + <auth:Description>The given name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"> + <auth:DisplayName>Name</auth:DisplayName> + <auth:Description>The unique name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"> + <auth:DisplayName>UPN</auth:DisplayName> + <auth:Description>The user principal name (UPN) of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/CommonName"> + <auth:DisplayName>Common Name</auth:DisplayName> + <auth:Description>The common name of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/EmailAddress"> + <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName> + <auth:Description>The e-mail 
address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/Group"> + <auth:DisplayName>Group</auth:DisplayName> + <auth:Description>A group that the user is a member of</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/UPN"> + <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName> + <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role"> + <auth:DisplayName>Role</auth:DisplayName> + <auth:Description>A role that the user has</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"> + <auth:DisplayName>Surname</auth:DisplayName> + <auth:Description>The surname of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier"> + <auth:DisplayName>PPID</auth:DisplayName> + <auth:Description>The private identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"> + <auth:DisplayName>Name ID</auth:DisplayName> + <auth:Description>The SAML name identifier of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType 
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant"> + <auth:DisplayName>Authentication time stamp</auth:DisplayName> + <auth:Description>Used to display the time and date that the user was authenticated</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod"> + <auth:DisplayName>Authentication method</auth:DisplayName> + <auth:Description>The method used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid"> + <auth:DisplayName>Deny only group SID</auth:DisplayName> + <auth:Description>The deny-only group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid"> + <auth:DisplayName>Deny only primary SID</auth:DisplayName> + <auth:Description>The deny-only primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid"> + <auth:DisplayName>Deny only primary group SID</auth:DisplayName> + <auth:Description>The deny-only primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid"> + <auth:DisplayName>Group SID</auth:DisplayName> + <auth:Description>The group SID of the 
user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid"> + <auth:DisplayName>Primary group SID</auth:DisplayName> + <auth:Description>The primary group SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"> + <auth:DisplayName>Primary SID</auth:DisplayName> + <auth:Description>The primary SID of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"> + <auth:DisplayName>Windows account name</auth:DisplayName> + <auth:Description>The domain account name of the user in the form of domain\user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser"> + <auth:DisplayName>Is Registered User</auth:DisplayName> + <auth:Description>User is registered to use this device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier"> + <auth:DisplayName>Device Identifier</auth:DisplayName> + <auth:Description>Identifier of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid"> + <auth:DisplayName>Device Registration Identifier</auth:DisplayName> + <auth:Description>Identifier for 
Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname"> + <auth:DisplayName>Device Registration DisplayName</auth:DisplayName> + <auth:Description>Display name of Device Registration</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype"> + <auth:DisplayName>Device OS type</auth:DisplayName> + <auth:Description>OS type of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion"> + <auth:DisplayName>Device OS Version</auth:DisplayName> + <auth:Description>OS version of the device</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged"> + <auth:DisplayName>Is Managed Device</auth:DisplayName> + <auth:Description>Device is managed by a management service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip"> + <auth:DisplayName>Forwarded Client IP</auth:DisplayName> + <auth:Description>IP address of the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application"> + <auth:DisplayName>Client Application</auth:DisplayName> + <auth:Description>Type of the Client 
Application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent"> + <auth:DisplayName>Client User Agent</auth:DisplayName> + <auth:Description>Device type the client is using to access the application</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip"> + <auth:DisplayName>Client IP</auth:DisplayName> + <auth:Description>IP address of the client</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path"> + <auth:DisplayName>Endpoint Path</auth:DisplayName> + <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"> + <auth:DisplayName>Proxy</auth:DisplayName> + <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid"> + <auth:DisplayName>Application Identifier</auth:DisplayName> + <auth:Description>Identifier for the Relying Party</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy"> 
+ <auth:DisplayName>Application policies</auth:DisplayName> + <auth:Description>Application policies of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier"> + <auth:DisplayName>Authority Key Identifier</auth:DisplayName> + <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints"> + <auth:DisplayName>Basic Constraint</auth:DisplayName> + <auth:Description>One of the basic constraints of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku"> + <auth:DisplayName>Enhanced Key Usage</auth:DisplayName> + <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer"> + <auth:DisplayName>Issuer</auth:DisplayName> + <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername"> + <auth:DisplayName>Issuer Name</auth:DisplayName> + <auth:Description>The distinguished name of the certificate issuer</auth:Description> + </auth:ClaimType> + <auth:ClaimType 
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage"> + <auth:DisplayName>Key Usage</auth:DisplayName> + <auth:Description>One of the key usages of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter"> + <auth:DisplayName>Not After</auth:DisplayName> + <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore"> + <auth:DisplayName>Not Before</auth:DisplayName> + <auth:Description>The date in local time on which a certificate becomes valid</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy"> + <auth:DisplayName>Certificate Policies</auth:DisplayName> + <auth:Description>The policies under which the certificate has been issued</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa"> + <auth:DisplayName>Public Key</auth:DisplayName> + <auth:Description>Public Key of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata"> + <auth:DisplayName>Certificate Raw Data</auth:DisplayName> + <auth:Description>The raw data of the certificate</auth:Description> + 
</auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san"> + <auth:DisplayName>Subject Alternative Name</auth:DisplayName> + <auth:Description>One of the alternative names of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber"> + <auth:DisplayName>Serial Number</auth:DisplayName> + <auth:Description>The serial number of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm"> + <auth:DisplayName>Signature Algorithm</auth:DisplayName> + <auth:Description>The algorithm used to create the signature of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject"> + <auth:DisplayName>Subject</auth:DisplayName> + <auth:Description>The subject from the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier"> + <auth:DisplayName>Subject Key Identifier</auth:DisplayName> + <auth:Description>Describes the subject key identifier of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname"> + <auth:DisplayName>Subject Name</auth:DisplayName> + 
<auth:Description>The subject distinguished name from a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation"> + <auth:DisplayName>V2 Template Name</auth:DisplayName> + <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename"> + <auth:DisplayName>V1 Template Name</auth:DisplayName> + <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint"> + <auth:DisplayName>Thumbprint</auth:DisplayName> + <auth:Description>Thumbprint of the certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version"> + <auth:DisplayName>X.509 Version</auth:DisplayName> + <auth:Description>The X.509 format version of a certificate</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork"> + <auth:DisplayName>Inside Corporate Network</auth:DisplayName> + <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description> + 
</auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime"> + <auth:DisplayName>Password Expiration Time</auth:DisplayName> + <auth:Description>Used to display the time when the password expires</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays"> + <auth:DisplayName>Password Expiration Days</auth:DisplayName> + <auth:Description>Used to display the number of days to password expiry</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl"> + <auth:DisplayName>Update Password URL</auth:DisplayName> + <auth:Description>Used to display the web address of update password service</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences"> + <auth:DisplayName>Authentication Methods References</auth:DisplayName> + <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id"> + <auth:DisplayName>Client Request ID</auth:DisplayName> + <auth:Description>Identifier for a user session</auth:Description> + </auth:ClaimType> + <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid"> + <auth:DisplayName>Alternate Login ID</auth:DisplayName> + 
<auth:Description>Alternate login ID of the user</auth:Description> + </auth:ClaimType> + </fed:ClaimTypesOffered> + <fed:SecurityTokenServiceEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/certificatemixed</Address> + <Metadata> + <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> + <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex"> + <wsx:MetadataReference> + <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs.tad.hv.se/adfs/services/trust/mex</Address> + </wsx:MetadataReference> + </wsx:MetadataSection> + </Metadata> + </Metadata> + </EndpointReference> + </fed:SecurityTokenServiceEndpoint> + <fed:PassiveRequestorEndpoint> + <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> + <Address>https://adfs.tad.hv.se/adfs/ls/</Address> + </EndpointReference> + </fed:PassiveRequestorEndpoint> + </RoleDescriptor> + <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + 
<X509Certificate>MIIC3jCCAcagAwIBAgIQJUPVHNhj+JtCSmkUzj+l+TANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzUwMDNaFw0yMDEyMDIxMzUwMDNaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseBegVuR4rWwDh+u/358+9uUCp3D4ByUTlu8pAXGkwjMmgid/VnWoWbezvTMD4j7v/lRFP+HbotD4WNNvHjtIJ1klI07GqINL+Sh+muuPVmARumB4yISRJyCrAg0Y9BUP4U10uTK4pUciqtOy3WWOGmcnNH3oeMz9mkyzbn+l30aKFgubeCZk5ni7VRCWTW7pHs+n4laMYBgBWIOUamgfn1jbpi8j4MUA3Vt/Z3IW5UPp8tXuCM3cw5peQydvw0NYynk+lAhNyWupPQ/ckGS33AZZor3eYMnqgrz/h5QpMstpkpb5LGGoXlbS5CezjVqlRdLw/fuiW8IL0uj15hU6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAxz/0OiyG4GIHQjflw8fIXeZ6ciuKEC1gEwA4dyFnxNv/+F7hKD8l1aQwVVrYIjzUw1QjwlDsqXwEcxzFAE4xjcO7Luf0HpD3eR0edM4iDmR4yQPro0c7iguueaUWwpAL4Wxop+FsY8YLoz31qynXCQhZiEm45mwt73AzjW58rIyvLv52BgS5W1rw+3n4yjjxGXcNTcjXqTXNKKjGj/Q421hhTdqqlNQXNILZaeXi/qnI+8NE4Bfxo2NVMFUGN44CrcGqMXmgkpvmenwCCJ3uMiX1FLcfRiR49RcrtvnpcLh7z8u2ixbPDBzeXMv4qJddc4W6My6+nfSmtv3jYgijK</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + 
<X509Certificate>MIIC2DCCAcCgAwIBAgIQdJ+qhazgjLJDd3jeh9VkpzANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzQ5NDhaFw0yMDEyMDIxMzQ5NDhaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR12vhcEsB93mg6pgwyQxGhZqpS8aEcCzOQwXOApH28y6RlT0qE/mowxX0fOpdBYblbxOurih4vtwx1NTe5CrXsUrpzkHP/hsOAmMGrpC0N5ybOEUegJ/Hk6wTmt7wA7nSfcsMvTUsXQZvKA+xFhCA7AjSMpF8Vv7BeU2O1IZDELU4U7P5iBls1YuMsgdFJ2Eu5LHILhfGaqSi9xkL7loYYwH3iU8MZ52CbOJLEl9uG99E3njSPq3CJ4tWZj1OkBLYf3gBBgvW3tOyYrAJWq5d1LyAh05+PNQQAKTPKHaaV9iAtUgys6M1v5XCUi1rv0nCBwl0iNQuFIiXsegaG4UQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBratRK3aI/quHmQ5fEMOaySihHaQId/26Jq4RQH0yOOhzjsQ9DSGCwwYZOefgi5G7SzQw1m6PJ7WecqT9gRPPT+IPt+KO+dnWQUNgedOZzM5Z0HXSdIUX0h5pxxTbHqExqkj9CZzKHFbiQvZBld7VcJsZW9PB7bM8lg+NAeoGBNdJACx33M59jVa+vPd2pVT5STufgIHkLkDGCqedBEQMFmyAhidVHlJO2cgieqmTjCDiO38ZYdXbwarsYrs6uxmdqUMdRwT4IVkpgyqyeQh/tN+w3QolWu4PX1s76GSYLUKasyK6YZXZDBGlFZDbb0padi0Vasmmg+VvMhuKmRtIP</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/> + <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/" index="0" isDefault="true"/> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://adfs.tad.hv.se/adfs/ls/" index="1"/> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/" 
index="2"/> + </SPSSODescriptor> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <shibmd:Scope regexp="false">contoso.com</shibmd:Scope> + </Extensions> + <KeyDescriptor use="encryption"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>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</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="signing"> + <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> + <X509Data> + <X509Certificate>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</X509Certificate> + </X509Data> + </KeyInfo> + </KeyDescriptor> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/> + <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/> + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="E-Mail Address" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Given Name" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Name" 
Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="UPN" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Common Name" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="AD FS 1.x E-Mail Address" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Group" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="AD FS 1.x UPN" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Role" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Surname" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PPID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Name ID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication time stamp" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication method" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only group SID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only primary SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only primary group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Primary group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Primary SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute 
xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Windows account name" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Is Registered User" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Identifier" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Registration Identifier" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Registration DisplayName" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device OS type" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device OS Version" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Is Managed Device" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Forwarded Client IP" 
Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client Application" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client User Agent" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client IP" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Endpoint Path" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Proxy" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Application Identifier" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Application policies" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authority Key Identifier" 
Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Basic Constraint" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Enhanced Key Usage" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Issuer" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Issuer Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Key Usage" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Not After" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Not Before" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Certificate Policies" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Public Key" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Certificate Raw Data" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Alternative Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Serial Number" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Signature Algorithm" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Key Identifier" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" 
FriendlyName="V2 Template Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="V1 Template Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Thumbprint" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="X.509 Version" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Inside Corporate Network" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Password Expiration Time" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Password Expiration Days" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Update Password URL" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication Methods References" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client Request ID" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Alternate Login ID" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> + </IDPSSODescriptor> + <ContactPerson contactType="technical"> + <GivenName>Pär</GivenName> + <SurName>Lauridsen</SurName> + <EmailAddress>mailto:par.lauridsen@hv.se</EmailAddress> + </ContactPerson> +</EntityDescriptor> diff --git a/swamid-2.0/almagest.sai.kau.se.xml b/swamid-2.0/almagest.sai.kau.se.xml new file mode 100644 index 00000000..5e9ca9da --- /dev/null +++ b/swamid-2.0/almagest.sai.kau.se.xml 
@@ -0,0 +1,84 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://almagest.sai.kau.se"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://almagest.sai.kau.se/Shibboleth.sso/logmein"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">Ladok 3 
Tentamensadministration (test)</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Ladok 3 Exam administration (test)</mdui:DisplayName> + <mdui:Description xml:lang="sv">Testserver för KAU tentaadministration</mdui:Description> + <mdui:Description xml:lang="en">Test server for KAU exam administration</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>almagest.sai.kau.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=almagest.sai.kau.se</ds:X509SubjectName> + <ds:X509Certificate>MIIEADCCAmigAwIBAgIJAIJw80ekmnweMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV +BAMTE2FsbWFnZXN0LnNhaS5rYXUuc2UwHhcNMTcwOTEyMTI0ODI1WhcNMjcwOTEw +MTI0ODI1WjAeMRwwGgYDVQQDExNhbG1hZ2VzdC5zYWkua2F1LnNlMIIBojANBgkq +hkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA6pCbvO0v3y17dBIVDBXr80mJoeSyaEL5 +hD7RF5Awz1R7qveTWq47BPK5xEf/M5UgpvlA8LBif9+0LlXaU2H5+UPZ1R3PY0nj +lOhDPBxJotvDaIk669OCVCbCE9q8KPunsqW17BojbXlGEsmiMvcAMToqsqwBnR5R ++UnCFnERTBkbhsAaoz9QfI7+ogKGLXfIyAaR5r+KmKtCJT3edA79mLfEjf4TE3N2 +Xv5ZChPpPYdMQtY6k+zXeyPhT6jJXrze9cUgP+jAbd1hsfOweIFdpLqwHuwrg++Q +z0QuTVMyzzZHXiLMyW/dlv1QPVXYo/4TzZQYx0C+Uj1O6gTiDdu0PAKlKazLnk5D +fS843VduBzmxmXKidE55i+VFszhtxb2wQGmCwN0RkJyY7kNlb4cqXNN9W7oIKf4E +D1EcnPpBy/blZQbXFa/p5ZqQkPiusF/mVhaQ+whnrG/PJMjTEQFVjwPyWltnwsy/ +N6y4Ok2Xgfuc/p9/8kKv6PIobhkn2k+bAgMBAAGjQTA/MB4GA1UdEQQXMBWCE2Fs +bWFnZXN0LnNhaS5rYXUuc2UwHQYDVR0OBBYEFImySCBztzWJ6xn4DgKyfQMS8GwX +MA0GCSqGSIb3DQEBCwUAA4IBgQCBBUPYJ01vp4hg04C3gP/zI3WC2hf8wO04hfhY +j42D6HZMfO2Ff5pCu1SHSML2h4DPyqURCHPXnIFxyFX4H5+kLrrwhz2iBSWBLQQo +yYdJEsfmj7kpduA97bZixeNnNi+Q/gQlAzYWJLCD/lD/5cgfWuNYZ9I2NMS0sTLr +dqYvYFWCtY6Xjl55pfLAgpu57bq+qBAT8q6Bi8jiR8FucCXH0znh14oaur5wpUed +rwKMj83OC3FVYmtHk3CbXBAgK434JKJvFG6vtQL+nKJea0J32u8KpHiLr8bZuQzZ +LygQy0HnwfhBnu4hIZThvVKDymOTV3cLIo4VMM6Z4H3JfuPvgIv8sP5IpPxmWmrJ +x8Qnqt1XgUzpwhobgxu7v9B7jPzJ8ootI5+W+OCQiz6ZOijTflcCXh6k4uBueows +69OPSLV5lYMw97bmq43/DuRWWYZQqgNH5aQ/CoXHW/ilyFV432sNaCbDheTaR6c3 
+wGwCM8JWEBn/5y8d2MEoE88o20w= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://almagest.sai.kau.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://almagest.sai.kau.se/Shibboleth.sso/Artifact/SOAP" index="2"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://almagest.sai.kau.se/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> + <md:ContactPerson 
contactType="technical"> + <md:GivenName>Andreas</md:GivenName> + <md:SurName>Persenius</md:SurName> + <md:EmailAddress>mailto:andreas.persenius@kau.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/cloudmore.com-shibboleth.xml b/swamid-2.0/cloudmore.com-shibboleth.xml new file mode 100644 index 00000000..8d032f49 --- /dev/null +++ b/swamid-2.0/cloudmore.com-shibboleth.xml 
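Review bot: In swamid-2.0/almagest.sai.kau.se.xml the `alg:` extension block and the `md:EncryptionMethod` list advertise SHA-1 based algorithms and Triple-DES alongside the modern ones: `http://www.w3.org/2000/09/xmldsig#sha1`, `http://www.w3.org/2000/09/xmldsig#rsa-sha1`, `http://www.w3.org/2000/09/xmldsig#dsa-sha1`, `http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1` and `http://www.w3.org/2001/04/xmlenc#tripledes-cbc`. A peer that selects algorithms from metadata may treat every listed value as acceptable, so I would drop those five entries before publishing rather than rely on their position at the end of each list. The same lists appear in cloudmore.com-shibboleth.xml, connect2.sunet.se-shibboleth.sso-metadata.xml and dev.cloudmore.com-shibboleth.xml in this commit. Whether the SP itself still accepts SHA-1 signatures is not visible here and should be checked against its configuration.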
@@ -0,0 +1,94 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://cloudmore.com/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://cloudmore.com/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="1"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="2"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="3"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="4"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName> + <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description> + <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL> + <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName> + <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV +BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3 +MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw +ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ +oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN 
+S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L +rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL +Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj +xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7 +0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p +JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV +EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R +BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8 +kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I +HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6 +ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW +oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n ++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt +oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB +TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV +nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4 +KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 
Location="https://cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cloudmore.com/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cloudmore.com/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cloudmore.com/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cloudmore.com/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> 
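Review bot: The `md:KeyDescriptor` in this file carries a certificate for `CN=stoprvfe01.domain01.net`, and the visible start of dev.cloudmore.com-shibboleth.xml later in this commit shows the same `ds:KeyName` and the same leading certificate lines, so the production and development entities appear to share one key pair. If that holds for the full certificate, anyone who obtains the development host's private key can decrypt assertions issued to `http://cloudmore.com/shibboleth` and sign messages in its name. I would ask the SP operator for a separate key pair per entity before registering both. The dev hunk continues past the part shown, so the comparison should be confirmed on the complete files.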
diff --git a/swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml b/swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml
new file mode 100644
index 00000000..b3a8c0c7
--- /dev/null
+++ b/swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml
@@ -0,0 +1,104 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://connect2.sunet.se/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + 
<samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net" index="1"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net" index="2"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/ds.sunet.se"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="3"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/kalmar2"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/kalmar2" index="4"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/Login/feide"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/haka.funet.fi"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/haka.funet.fi" index="5"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/Login/idp.funet.fi"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">SUNET E-Meeting Service Backup</mdui:DisplayName> + <mdui:DisplayName xml:lang="sv">SUNET E-mötestjänsten backup miljö</mdui:DisplayName> + <mdui:Description xml:lang="sv">SUNET Connect gör det lätt och enkelt att anordna möten, utbildningar och seminarier som alla kan delta på – oavsett var de befinner sig.</mdui:Description> + <mdui:Description xml:lang="en">SUNET Connect makes it easy and simple to organize meetings, seminars and seminars that everyone can attend - no matter where they are.</mdui:Description> + <mdui:InformationURL xml:lang="sv">https://www.sunet.se/tjanster/connect/</mdui:InformationURL> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>connect2.sunet.se</ds:KeyName> + <ds:X509Data> + 
<ds:X509SubjectName>emailAddress=noc@sunet.se,CN=connect2.sunet.se,O=SUNET,C=SE</ds:X509SubjectName> + <ds:X509Certificate>MIID6TCCAtGgAwIBAgIJAK50Oh3eerEmMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +BAYTAlNFMQ4wDAYDVQQKEwVTVU5FVDEaMBgGA1UEAxMRY29ubmVjdDIuc3VuZXQu +c2UxGzAZBgkqhkiG9w0BCQEWDG5vY0BzdW5ldC5zZTAeFw0xNzA5MTQwNzM0MTJa +Fw0yNzA5MTIwNzM0MTJaMFYxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKEwVTVU5FVDEa +MBgGA1UEAxMRY29ubmVjdDIuc3VuZXQuc2UxGzAZBgkqhkiG9w0BCQEWDG5vY0Bz +dW5ldC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGOBdrkCk6M +/8F0rfyluEdbiq9J5Sqviai0k5ePZWbm0L04am1A/nUOTa4tMZXZx9450wrNtpwP +IVaFF3kjh0bOwUpfSvcdKhmFWc9jAJHKnTh2PxLVe2qrNeZn79TZHV1BfKjU+SZ8 +lHjjoOlgzj9NjAnhccXSAlOTKgYRhcHh/0iDG5p6LHnqnYMgmGNrkwlg0lgF6TxE +lraukHvqlWWuGZfLLfc8bOiapr7h4HlQtuYhCemhsvpFTelP7NbCklVBNwN3DpKc +2IZCESDQ6NIZU9nQxKG255BeKonT+z9IuxURaDJ1j1nolwrqbFUbAiRJcnmqWowA +oLSCp2FWm7kCAwEAAaOBuTCBtjAdBgNVHQ4EFgQUM5kSqLgiJ88bSHRs6RcT8Oev +8A8wgYYGA1UdIwR/MH2AFDOZEqi4IifPG0h0bOkXE/Dnr/APoVqkWDBWMQswCQYD +VQQGEwJTRTEOMAwGA1UEChMFU1VORVQxGjAYBgNVBAMTEWNvbm5lY3QyLnN1bmV0 +LnNlMRswGQYJKoZIhvcNAQkBFgxub2NAc3VuZXQuc2WCCQCudDod3nqxJjAMBgNV +HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCny18oBRCXcfkcHfgxWM5mbJtP +6wCjpj4FTQPivBgZcW3WxuuKjmJSoqKqzKWzddQMZthpkdS6On0xGIn5wZLXTKtq +M9StIFEwE4qkuYRKwgsjn9SRMuXkpbOav0rYgyxx1L3FsvKR8rqzBPUp3cDoTQec +haSm8KdbCE0y705k7q6gf6NPltNOoXUcx3z65ITzdGu1iMFeUnc6gUM0xLLUjRxe +WjepeAfFouWXq1BM0IoQcZFNRJ4Dr82fJHt6PsVEKidDo7L8vfSRc+8gOp+K41m5 +6U9JHVDpNeVG7He/lbg1qYnbULEcCpZlKEzjYsOvW49ocXobMr/UcL4hpCD9 +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect2.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect2.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">NORDUnet</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">NORDUnet A/S</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.nordu.net</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:Company>NORDUnet NOC</md:Company> + <md:EmailAddress>mailto:noc@nordu.net</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/dev.cloudmore.com-shibboleth.xml b/swamid-2.0/dev.cloudmore.com-shibboleth.xml new file mode 100644 index 00000000..46f05471 --- /dev/null +++ b/swamid-2.0/dev.cloudmore.com-shibboleth.xml 
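Review bot: In swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml the `mdattr:EntityAttributes` block asserts `http://www.swamid.se/category/research-and-education` and `http://www.swamid.se/category/hei-service`, and identity providers commonly use entity categories to decide which attributes to release. Nothing in the file records that the service was assessed for these categories, so a later reader cannot tell an approved assignment from values copied out of the SP's submitted metadata. I would add a comment above the block such as `<!-- entity categories approved by federation operations: <ticket reference> -->`, with the real reference filled in.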
@@ -0,0 +1,91 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://dev.cloudmore.com/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://dev.cloudmore.com/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://dev.cloudmore.com/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName> + <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description> + <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL> + <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName> + <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV +BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3 +MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw +ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ +oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN +S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L +rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL +Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj +xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7 +0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p +JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV +EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R +BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8 +kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I +HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6 +ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW 
+oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n ++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt +oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB +TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV +nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4 +KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/idp.hb.se-idp-shibboleth.xml b/swamid-2.0/idp.hb.se-idp-shibboleth.xml
index 5454bc56..55143038 100644
--- a/swamid-2.0/idp.hb.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.hb.se-idp-shibboleth.xml
@@ -214,8 +214,8 @@ hdayeb3tw8qRMHjEVgFSXDHRlA==
 </Organization>
 <ContactPerson contactType="administrative">
 <Company>University of Borås</Company>
- <SurName>IT-avdelningen</SurName>
- <EmailAddress>mailto:it-avdelningen@hb.se</EmailAddress>
+ <SurName>Campus and IT services</SurName>
+ <EmailAddress>mailto:campusservice@hb.se</EmailAddress>
 <TelephoneNumber>+46 33 435 4690</TelephoneNumber>
 </ContactPerson>
 <ContactPerson contactType="technical">
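Review bot: The `md:SPSSODescriptor` of the new dev.cloudmore.com file still advertises SAML 1.0/1.1 in `protocolSupportEnumeration` and carries two SAML 1.0 `md:AssertionConsumerService` entries (index 5 and 6), while its algorithm lists include `xmldsig#sha1`, `rsa-sha1`, `dsa-sha1`, `ecdsa-sha1` and `tripledes-cbc`. This looks like unedited software-generated metadata; unless a peer is known to need the legacy profiles, I would reduce the attribute to `protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"` and drop the SAML 1.x endpoints and the SHA-1/3DES entries, so that an IdP honouring the lists never selects them. The `md:KeyDescriptor` has no `use` attribute, so the one certificate (subject `CN=stoprvfe01.domain01.net`) is published for both signing and encryption; a short XML comment confirming that this is intended would help the next reviewer. The local.cloudmore.com file that begins further down shows the same algorithm list in the part visible here.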
@@ -226,8 +226,8 @@ hdayeb3tw8qRMHjEVgFSXDHRlA==
 </ContactPerson>
 <ContactPerson contactType="support">
 <Company>University of Borås</Company>
- <SurName>IT-avdelningen</SurName>
- <EmailAddress>mailto:it-avdelningen@hb.se</EmailAddress>
+ <SurName>Campus and IT services</SurName>
+ <EmailAddress>mailto:campusservice@hb.se</EmailAddress>
 <TelephoneNumber>+46 33 435 4690</TelephoneNumber>
 </ContactPerson>
 </EntityDescriptor>
diff --git a/swamid-2.0/idp.suni.se-adfs-services-trust.xml b/swamid-2.0/idp.suni.se-adfs-services-trust.xml
deleted file mode 100644
index 4106fb82..00000000
--- a/swamid-2.0/idp.suni.se-adfs-services-trust.xml
+++ /dev/null
@@ -1,83 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idp.suni.se/adfs/services/trust"> - <Extensions> - <shibmd:Scope regexp="false">suni.se</shibmd:Scope> - </Extensions> - <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> - <Extensions> - <shibmd:Scope regexp="false">suni.se</shibmd:Scope> - <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> - <mdui:DisplayName xml:lang="sv">Södertörns högskola (gamla)</mdui:DisplayName> - <mdui:DisplayName xml:lang="en">Södertörn University (old)</mdui:DisplayName> - <mdui:Description xml:lang="sv">Gammal IDP för Södertörns högskola.(används endast för antagning.se).</mdui:Description> - <mdui:Description xml:lang="en">Old IDP for Södertörn University. (Only used for antagning.se)</mdui:Description> - <mdui:InformationURL xml:lang="sv">https://www.sh.se/</mdui:InformationURL> - <mdui:InformationURL xml:lang="en">https://www.sh.se/p3/ext/content.nsf/aget?openagent&key=startsideportal_engelsk_1308725461229</mdui:InformationURL> - <mdui:Logo height="100" width="100">https://www.sh.se/p3/ext/res.nsf/vRes/global_1448973984543_sh_ny_logo_eng_png/$File/sh-ny-logo-eng.png</mdui:Logo> - </mdui:UIInfo> - </Extensions> - <KeyDescriptor use="encryption"> - <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> - <X509Data> - 
<X509Certificate>MIIEYzCCA0ugAwIBAgIQZHPOuyVURJge5wdOa1kfEzANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTE0MDMxMTAwMDAwMFoXDTE3MDQzMDIzNTk1OVowOTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQDEwtpZHAuc3VuaS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB0RS/jwsLGyG8DB8mIqgzTcEwb5P/7y9beizxgvlJc3dbauQogUIwZtsUn2q7qbV5h66c68bl8fi+JhtJYWXXu/rA9d6i4cQSdKXJPTMAss2ZobcRmnVSDrj0ZTJ5+JBe+fuYI3cDaLy5rGz9PcgxqINcjM4wW01pKjnZzrVqbJ1dsSfWzU5AkMwVS+10UjQYLSeHg/2PAgfDRovqTqTfMpF16DXwx+OcqnJY2yN0JcpVggQNOE9a4y9L6qe0SYbbTlqbrlrz/X+0e4gQ8sjif4PdB4AXVb0dP9D3pjfLXim8leVarNN2knOPZmmFYWKEBNS5KHlkSnHFIyNFof3UCAwEAAaOCAWgwggFkMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBT3yAYidugFyhjhPMuNGIu6pA6hfzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwFgYDVR0RBA8wDYILaWRwLnN1bmkuc2UwDQYJKoZIhvcNAQEFBQADggEBAAdzCLw9BLbfTeYy0fLEWT4nrH5oBJ7G1Si/vdf8dvQlUF8gbtizKI/c7871smaPHge5DdwUwY9vqRkRrzeiM/mGUSgUCkN56Y17eTzmbvRQ6EPjpiZ/dlTBycedq2TmnxLM1VbO9Xx3rK07YdSdDn+y+n4GNJlL4NCED/rVDdsEBoy+nmztLLolGztRZPv8xLbCdE2vompEA7sbDsBv4hNCjsuVSCt8FlX3rz3uqaaNcG3r5tQ8VHtrQ7xCCRScSfoYoI0sgwE5BtThwDAi1arLp/tHN5Ow500zq4m8LZEdmGBZ56M3kIHEn1n8UOUlCMWYtYw1rIhX9FYyT8Dn2bY=</X509Certificate> - </X509Data> - </KeyInfo> - </KeyDescriptor> - <KeyDescriptor use="signing"> - <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> - <X509Data> - <X509Certificate>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</X509Certificate> - </X509Data> - </KeyInfo> - </KeyDescriptor> - <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.suni.se/adfs/ls/"/> - <SingleLogoutService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.suni.se/adfs/ls/"/> - <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> - <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> - <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> - <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.suni.se/adfs/ls/"/> - <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.suni.se/adfs/ls/"/> - <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.suni.se/adfs/ls/"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/> - 
<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/> - <Attribute 
xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/cn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonEntitlement" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Display Name"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/initials" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Initials"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumber"/> - <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumberNotOld"/> - </IDPSSODescriptor> - <Organization> - <OrganizationName xml:lang="sv">Södertörns högskola (gamla)</OrganizationName> - <OrganizationName xml:lang="en">Södertörns University (old)</OrganizationName> - <OrganizationDisplayName xml:lang="sv">Södertörns högskola (gamla)</OrganizationDisplayName> - <OrganizationURL xml:lang="sv">http://www.sh.se/</OrganizationURL> - </Organization> - <ContactPerson contactType="support"> - <GivenName>Tomas</GivenName> - <SurName>Legat</SurName> - <EmailAddress>mailto:server@sh.se</EmailAddress> - <TelephoneNumber>+46(0)86084000</TelephoneNumber> - </ContactPerson> -</EntityDescriptor> diff --git a/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml b/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml index 299c552b..a1be203e 100644 
--- a/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml
@@ -1,10 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp2.rkh.se/idp/shibboleth">
 <Extensions>
- <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
- <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
 <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
 </saml:Attribute>
+ <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+ </saml:Attribute>
 </attr:EntityAttributes>
 </Extensions>
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
diff --git a/swamid-2.0/itslearning.com.xml b/swamid-2.0/itslearning.com.xml
new file mode 100644
index 00000000..774682d5
--- /dev/null
+++ b/swamid-2.0/itslearning.com.xml
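Review bot: The `hide-from-discovery` category added to idp2.rkh.se only asks discovery services to stop listing this IdP; the entity and its keys stay in the published metadata, so relying parties that load it will presumably keep accepting its assertions. Nothing in the hunk says why the IdP is being hidden or whether removal is planned, so I would put a one-line comment above the new `saml:Attribute`, for example `<!-- hidden from discovery: REASON, planned removal DATE -->` with the real values filled in. The `EntityDescriptor` continues beyond this hunk.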
@@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:mace:saml2v2.no:services:com.itslearning"> + <Extensions> + <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/eu-adequate-protection</samla:AttributeValue> + </samla:Attribute> + </attr:EntityAttributes> + </Extensions> + <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">itslearning</mdui:DisplayName> + <mdui:DisplayName xml:lang="sv">itslearning</mdui:DisplayName> + <mdui:Description xml:lang="en">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description> + <mdui:Description xml:lang="sv">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description> + <mdui:InformationURL xml:lang="sv">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL> + <mdui:PrivacyStatementURL xml:lang="sv">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL> + <mdui:PrivacyStatementURL xml:lang="en">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL> + </mdui:UIInfo> + </Extensions> + <KeyDescriptor use="signing"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate> + 
MIIGIzCCBQugAwIBAgIRALUG/lMf4ilOPuZcvQG5yDowDQYJKoZIhvcNAQELBQAw + gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO + BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD + VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT + ZXJ2ZXIgQ0EwHhcNMTUwNzE0MDAwMDAwWhcNMTgwNzEzMjM1OTU5WjCCAQUxCzAJ + BgNVBAYTAk5PMQ0wCwYDVQQREwQ1MDU5MRIwEAYDVQQIEwlIT1JEQUxBTkQxDzAN + BgNVBAcTBkJlcmdlbjEcMBoGA1UECRMTRWR2YXJkIEdyaWVncyBWZWkgMzEYMBYG + A1UEChMPSXRzIExlYXJuaW5nIEFTMRswGQYDVQQLExJpdHNsZWFybmluZyBGcmFu + Y2UxNTAzBgNVBAsTLElzc3VlZCB0aHJvdWdoIEl0cyBMZWFybmluZyBBUyBFLVBL + SSBNYW5hZ2VyMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEdMBsGA1UEAxMUYXV0 + aC5pdHNsZWFybmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB + AQCnMiSYW33IAVgQLVF/43Ke524DM0pehzOVUrZJjwM+VNB5Iz1t0Zd5ZLJ71rPR + HyYTrtlrwiW4bdCOXpj8q8r3x368YawR3vW9pTxvBzADDUE60HLqNnaLzXbEtgOJ + x/fN/y1vEe/ysL7sFgfZYsK6Esa+ZckzRmhjhIA8Y7AzFxnUwo99S5/MfwAjRpkV + lChPFgWFW4zecI+qj092VaDJHpfoGR15cv6onHrqUE8gqKsSZ2LrHrzNCoVGO00R + RS0i0T+yEccvLB0GlIwgK1NJO3BPar25hIV2NHXTck5tn9iLlyXNChKZK0lJMACb + kyiA4etM//NW0xCZG9DHVLCvAgMBAAGjggH4MIIB9DAfBgNVHSMEGDAWgBSa8yva + z61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUziNakwabutZPrjgskjLsLwud1aMw + DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH + AwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYB + BQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBa + BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S + U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggr + BgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t + L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j + cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE + MjAwghRhdXRoLml0c2xlYXJuaW5nLmNvbYIYd3d3LmF1dGguaXRzbGVhcm5pbmcu + Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBWP/nHSKbTILdOwcCKxyTcG6IYDkUUnwFG + QPRO8dRu0p55j5m2scN+svm3PqrejqNobeh80VcNahdHY/runY+JpzdXohBsS+oL + 
E7t8lBPW4IlNpRi3OBOywnJ0cGIn5PyaMgDyQoWorgBey2m+wfVtWOlyqSIzHdDC + +2lyPs5rvfbdSzfPeRv+D6/5k/GwCDOz+u/h0ynqDkZojEWShYP0ROckhhUQRxPl + JNq2fHe+JwzyEqLJ/k5UcBzrwmzqy5K2Gaj2i6ySiAmoCVhF9/Dl5Tae6bv55IGI + RZNHXVWClNE2/q9xZotJor1siWGA0F3sZjTHTYK7176mUNDWJyjX + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate> + MIIGIzCCBQugAwIBAgIRALUG/lMf4ilOPuZcvQG5yDowDQYJKoZIhvcNAQELBQAw + gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO + BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD + VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT + ZXJ2ZXIgQ0EwHhcNMTUwNzE0MDAwMDAwWhcNMTgwNzEzMjM1OTU5WjCCAQUxCzAJ + BgNVBAYTAk5PMQ0wCwYDVQQREwQ1MDU5MRIwEAYDVQQIEwlIT1JEQUxBTkQxDzAN + BgNVBAcTBkJlcmdlbjEcMBoGA1UECRMTRWR2YXJkIEdyaWVncyBWZWkgMzEYMBYG + A1UEChMPSXRzIExlYXJuaW5nIEFTMRswGQYDVQQLExJpdHNsZWFybmluZyBGcmFu + Y2UxNTAzBgNVBAsTLElzc3VlZCB0aHJvdWdoIEl0cyBMZWFybmluZyBBUyBFLVBL + SSBNYW5hZ2VyMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEdMBsGA1UEAxMUYXV0 + aC5pdHNsZWFybmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB + AQCnMiSYW33IAVgQLVF/43Ke524DM0pehzOVUrZJjwM+VNB5Iz1t0Zd5ZLJ71rPR + HyYTrtlrwiW4bdCOXpj8q8r3x368YawR3vW9pTxvBzADDUE60HLqNnaLzXbEtgOJ + x/fN/y1vEe/ysL7sFgfZYsK6Esa+ZckzRmhjhIA8Y7AzFxnUwo99S5/MfwAjRpkV + lChPFgWFW4zecI+qj092VaDJHpfoGR15cv6onHrqUE8gqKsSZ2LrHrzNCoVGO00R + RS0i0T+yEccvLB0GlIwgK1NJO3BPar25hIV2NHXTck5tn9iLlyXNChKZK0lJMACb + kyiA4etM//NW0xCZG9DHVLCvAgMBAAGjggH4MIIB9DAfBgNVHSMEGDAWgBSa8yva + z61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUziNakwabutZPrjgskjLsLwud1aMw + DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH + AwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYB + BQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBa + BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S + 
U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggr + BgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t + L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j + cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE + MjAwghRhdXRoLml0c2xlYXJuaW5nLmNvbYIYd3d3LmF1dGguaXRzbGVhcm5pbmcu + Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBWP/nHSKbTILdOwcCKxyTcG6IYDkUUnwFG + QPRO8dRu0p55j5m2scN+svm3PqrejqNobeh80VcNahdHY/runY+JpzdXohBsS+oL + E7t8lBPW4IlNpRi3OBOywnJ0cGIn5PyaMgDyQoWorgBey2m+wfVtWOlyqSIzHdDC + +2lyPs5rvfbdSzfPeRv+D6/5k/GwCDOz+u/h0ynqDkZojEWShYP0ROckhhUQRxPl + JNq2fHe+JwzyEqLJ/k5UcBzrwmzqy5K2Gaj2i6ySiAmoCVhF9/Dl5Tae6bv55IGI + RZNHXVWClNE2/q9xZotJor1siWGA0F3sZjTHTYK7176mUNDWJyjX + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + </KeyDescriptor> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.itslearning.com/elogin/SingleLogoutHandler.aspx"/> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.itslearning.com/eLogin/AssertionConsumerService.aspx"/> + </SPSSODescriptor> + <Organization> + <OrganizationName xml:lang="en">itslearning</OrganizationName> + <OrganizationDisplayName xml:lang="en">itslearning</OrganizationDisplayName> + <OrganizationURL xml:lang="en">http://www.itslearning.eu</OrganizationURL> + </Organization> + <ContactPerson xml:lang="en" contactType="technical"> + <EmailAddress>support@itslearning.com</EmailAddress> + </ContactPerson> + <ContactPerson xml:lang="en" contactType="support"> + <EmailAddress>support@itslearning.com</EmailAddress> + </ContactPerson> +</EntityDescriptor> 
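Review bot: The `KeyDescriptor use="encryption"` in the new itslearning.com file lists `xmlenc#aes128-cbc` as its only `EncryptionMethod`, so an IdP that honours the list will encrypt assertions in CBC mode, which provides no integrity protection of its own. If the SP can decrypt GCM, list that first: `<EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>`. With `AuthnRequestsSigned="false" WantAssertionsSigned="false"` the SP presumably relies on a signature over the whole response, which this metadata does not state, so an XML comment recording that expectation would be useful. Separately, both `EmailAddress` values are bare addresses, whereas the other files in this diff use the URI form, i.e. `<EmailAddress>mailto:support@itslearning.com</EmailAddress>`.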
diff --git a/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml b/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
index 5c7448b9..3f3def10 100644
--- a/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
+++ b/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
@@ -46,6 +46,5 @@ PMS4rjAWc41dsrr8CuH3t/NKbvDc9Rn6U+qLGttLcJ1Jlpw2i3fPGGJ+osSsX9+h3KUdLv9j7zJB
 <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
 <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kantarainitiative.org/confluence/plugins/servlet/samlsso" index="0"/>
- <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kantarainitiative.org/confluence/plugins/servlet/samlsso" index="1"/>
 </md:SPSSODescriptor>
 </md:EntityDescriptor>
diff --git a/swamid-2.0/local.cloudmore.com-shibboleth.xml b/swamid-2.0/local.cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..23fd055c
--- /dev/null
+++ b/swamid-2.0/local.cloudmore.com-shibboleth.xml
@@ -0,0 +1,91 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://local.cloudmore.com/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://local.cloudmore.com/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://local.cloudmore.com/Shibboleth.sso/Login" index="1"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName> + <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description> + <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL> + <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>desktop-cu2qb29</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=desktop-cu2qb29</ds:X509SubjectName> + <ds:X509Certificate>MIID9DCCAlygAwIBAgIJAJKf3OTHrjQ/MA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV +BAMTD2Rlc2t0b3AtY3UycWIyOTAeFw0xNzAyMjcxNDU1MDdaFw0yNzAyMjUxNDU1 +MDdaMBoxGDAWBgNVBAMTD2Rlc2t0b3AtY3UycWIyOTCCAaIwDQYJKoZIhvcNAQEB +BQADggGPADCCAYoCggGBALhxwbvMdesrUcyhorZ9bHNSWWtqJIrHPT9jGJI5W0oJ +SosOLD/mrCSy618yHoYl+oo2nE4u/+VDE2CJhrjkThwp+C3bLI/jTYrn4E2w1cVw +5ws1Cmo7iJ8wEsX4ZpvSpPG7DRUcppzDLbizGUZoZ/7lKDUWEqX+pUErrJCcxk7v +hDlXyXXdkc4R18hUUIQHMu5XHjDQ7NH5rrLmxNcYdLEg9KG44CLmcgz3ptcDXZRp +mhvAr55XtDq/3rk/bJODy65F+P/AzTK1AD3hr/7VtqANfp6Gj+FECC9ahVYcQg9z +8YFrh3T2B86xnRwBpGj5GdAB1Sl48OqpoJvhRd0hAQnxPTyEyr/O3lQX0Ln68Ho2 +0SC+WkSi1GwGP+av8PKZj8UO5KeLwSeUYhqVMMs/jGrfaM278oHWldzo8VfVwsAR +9/chJ6JN3bUum//bdIgwqQyxS+m+5/tCFZ3IAOWraXYJpofG+vtCJH5THWvC/Pfp +P17k0KFHDONEbCy+BMJguwIDAQABoz0wOzAaBgNVHREEEzARgg9kZXNrdG9wLWN1 +MnFiMjkwHQYDVR0OBBYEFBJHwGN/tsmAUm7VVbqf3BLHTKNaMA0GCSqGSIb3DQEB +CwUAA4IBgQC20sT9vv9RVhEvItcTDpV/hOtrhcAtDLfe0jUnycscDbN+zsn9TVE+ +oWyV1a90/YiTbVAdyTW518NjU4APqwghEhHlY2U1wNCsYFxmceQvyCyAAfZjvugR +xxw8YnPc3z2M8sriHpnvLEwG84ZGn5VmKAmFlapmpM3SuhT+jg716oB8ZZuB3IRh 
+tPrIQXdSEtsL+Ogol+UtbraP1iseSmpFoCNLSpUgsdIf0U4BMXEfVAMv3R1w7elR +FefUWlzgJ1UG0hSKIZilR8YMI0o3fF9nfMDWkGgyV5+fbnogKVNNQIbiFIIIBdhH +a9ikla+Yzxv5MqqlRh0dlbjwuPWUEbxzV01N7gjtUp+m3G8HAWe/84bGNzqW5L0J +ImSwMsvQbjyWBkgs0ruxX7osN1cqyIMRB3KefI7XpBrQXmVqS7IbtGgypYZieVSo +z8vMYWDvzD5siJ/O46xnsMzwTu2JXhVJpR0jzoADSftjsQe+4wgLXVg+46mapDoc +f49DvQ516YA= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://local.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://local.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://local.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://local.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://local.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://local.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml b/swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml new file mode 100644 index 00000000..e11fdf65 --- /dev/null +++ b/swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml 
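Review bot: The key registered for this SP looks like it was generated on a workstation rather than on the deployed service: `<ds:KeyName>` and `<ds:X509SubjectName>` both read `desktop-cu2qb29`, and the entityID host is `local.cloudmore.com`. The `md:KeyDescriptor` has no `use` attribute, so this one certificate is what IdPs will both encrypt to and verify requests against; the registrant should confirm that the matching private key exists only on the SP host, which the diff cannot show. If this is a developer instance, I would leave it out of the production aggregate, or re-register it with a key pair generated on the server and replace the `<ds:X509Certificate>` value. The `prestaging.cloudmore.com` file added further down is a non-production entity as well and deserves the same question.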
@@ -0,0 +1,61 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://pingpong.hj.se/Shibboleth.sso/Metadata"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://pingpong.hj.se/Shibboleth.sso/Login"/> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + 
<ds:KeyName>pingpong.hj.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=pingpong.hj.se</ds:X509SubjectName> + <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJAK3zQYIO0jRMMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV +BAMTDnBpbmdwb25nLmhqLnNlMB4XDTE2MDQxMjIxMDAxMFoXDTI2MDQxMDIxMDAx +MFowGTEXMBUGA1UEAxMOcGluZ3BvbmcuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCdfDnktBk/j3kXQERkPKhxU74wL6Gj7jfi7Q7tOiXkK9gt +WYOX1xwzGBipaJD+JDFdyoQwhywUWoNC1nCwq+meqWIE5BiqKfz58uLo7yVZbq0D +CyfD1CxS2bXU199gS9nRcvVaEPGcj5olWz4onD4Rnj62Wgp2gGBmDdrAOQUVUp35 +pz80/f4d9KcoS3EE+85JKU8nzA4Juw1rmof5xzZsmiy879mTbFcZlIe2ecLKcjlx ++53Bii5K3yg9kKqaUxVr1q/BBR3DZvVbVjLa/BFYDLDRaHcvkkWAEP0IPEyKxERs +2bLnJG23Pu191tT95MKakKf/8CzRrvfD/sZDhjKTAgMBAAGjPDA6MBkGA1UdEQQS +MBCCDnBpbmdwb25nLmhqLnNlMB0GA1UdDgQWBBQgr6cXLkmpK0aO9RWn09Mc0Hqi +ADANBgkqhkiG9w0BAQUFAAOCAQEAJoIRG6ifIdpnQ5f8s9C1KAY/Vp4zzErZFVQh +Y9p5vyKTBnEGcusx3DSWPqWSaohwWXgQVutNckAkzrt1Q8uyUKEq6Bbj/P6DHbBW +sHEFZ3Be2aDb5KbVV8Ta/XbCBLYi/GwIUrPFqBqcb58iv8FfDbpAV2xIE5nvlFFZ +GtDtNLwffFEUat79nolyrP+nXJRXdysvquW6nz8dFNDNIfrBS+bEhybOph+8w07E +CLSz0W8sV0xK8CBbmHuoY7gZxMT32Fr1zANIjpWh7HyO5sZmHtSYCM329oQbQuhe +/NAOaJdHrKUZuut5eeRGapGK1milxeKhTnB/Ou3BNtjlDPUJBg== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + 
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pingpong.hj.se/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> +</md:EntityDescriptor> diff --git a/swamid-2.0/portaluu.onricoh.se-shibboleth.xml b/swamid-2.0/portaluu.onricoh.se-shibboleth.xml index a03c4db3..4c22bbf6 100644 --- a/swamid-2.0/portaluu.onricoh.se-shibboleth.xml +++ b/swamid-2.0/portaluu.onricoh.se-shibboleth.xml 
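Review bot: This entity is registered with no `md:ContactPerson`, no `md:Organization` and no `mdui:UIInfo`, unlike the cloudmore and redcap SPs added in the same commit. Without a contact, federation operators and IdP administrators have nobody to reach if the SP's key is compromised or its certificate needs rolling, and users get no display name on discovery or consent pages. I would add, after `</md:SPSSODescriptor>`, `<md:ContactPerson contactType="technical"><md:EmailAddress>mailto:CONTACT-PLACEHOLDER@example.org</md:EmailAddress></md:ContactPerson>` with the operator's real role address, plus `mdui:DisplayName` and `mdui:Description`. Whether federation policy requires these elements is not visible here, so that part needs confirming.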
@@ -17,18 +17,16 @@ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> </md:Extensions> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:Extensions> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> - <Extensions xmlns="urn:mace:shibboleth:2.0:native:sp:config"> - <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> - <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> - <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> - <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> - </samla:Attribute> - </mdattr:EntityAttributes> - </Extensions> <mdui:DisplayName xml:lang="en">eduPrint</mdui:DisplayName> <mdui:DisplayName xml:lang="sv">eduPrint</mdui:DisplayName> <mdui:Description xml:lang="en">eduPrint is a print and photocopying system for students and employees at Uppsala University. Use eduPrint to print, make photocopies and scan documents and images.</mdui:Description> 
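Review bot: The entity-category claims (`research-and-education` and `hei-service`) carry no record of who verified them, and at their new entity-level position IdPs that filter on `http://macedir.org/entity-category` will presumably start acting on them. In the old position, nested inside `mdui:UIInfo` under a Shibboleth SP-config `Extensions` element, consumers would most likely have ignored them, so this is probably a change in attribute release for eduPrint and not only a layout fix. I would record the vetting next to the element, for example `<!-- entity categories approved by federation operations: TICKET-PLACEHOLDER -->`. The enclosing `md:Extensions` starts above the hunk and `mdui:UIInfo` continues below it.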
diff --git a/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..e4574ce6
--- /dev/null
+++ b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
@@ -0,0 +1,92 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://prestaging.cloudmore.com/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Login"/> + 
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Login" index="1"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Login" index="2"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName> + <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description> + <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL> + <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName> + <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV +BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3 +MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw +ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ +oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN +S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L +rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL +Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj +xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7 +0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p +JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV 
+EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R +BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8 +kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I +HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6 +ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW +oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n ++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt +oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB +TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV +nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4 +KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/Redirect"/> + 
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/> + </md:SPSSODescriptor> + <md:Organization> + <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName> + <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName> + <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL> + </md:Organization> + <md:ContactPerson contactType="technical"> + <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/redcap.ki.se-shibboleth.xml b/swamid-2.0/redcap.ki.se-shibboleth.xml new file mode 100644 index 00000000..8a4278f1 --- /dev/null +++ b/swamid-2.0/redcap.ki.se-shibboleth.xml 
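Review bot: The `md:SPSSODescriptor` still advertises SAML 1.x: `protocolSupportEnumeration` lists the SAML 1.1 and 1.0 protocol URIs, and the `md:AssertionConsumerService` entries with index 5 and 6 use the `SAML:1.0:profiles` bindings. Unless an IdP in the federation really needs them, I would publish only `protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"` and drop those two endpoints, as the pingpong.hj.se file in this commit does, and disable the matching handlers on the SP so metadata and configuration agree. The same applies to local.cloudmore.com-shibboleth.xml and redcap.ki.se-shibboleth.xml. The two `idpdisc:DiscoveryResponse` entries (index 1 and 2) also point at the same Location, so one of them can go.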
@@ -0,0 +1,95 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://redcap.ki.se/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> 
+ </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://redcap.ki.se/Shibboleth.sso/Login"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">REDCap - Karolinska Institutet</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">REDCap - Karolinska Institutet</mdui:DisplayName> + <mdui:Description xml:lang="sv">REDCap datainsamlingsverktyg för forskare på Karolinska Institutet</mdui:Description> + <mdui:Description xml:lang="en">REDCap data collection tool for researchers at Karolinska Institutet</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>kircweb02.ki.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=kircweb02.ki.se</ds:X509SubjectName> + <ds:X509Certificate>MIID9DCCAlygAwIBAgIJANTts0REhI9OMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV +BAMTD2tpcmN3ZWIwMi5raS5zZTAeFw0xNzA2MTMxNDU2MTBaFw0yNzA2MTExNDU2 +MTBaMBoxGDAWBgNVBAMTD2tpcmN3ZWIwMi5raS5zZTCCAaIwDQYJKoZIhvcNAQEB +BQADggGPADCCAYoCggGBANilbH5Eghlskz++f1MKSiFmRs4Ufril17ERj/wHRjyW +LF0P/7ZwZTOFS7YefYxrdLXfLjynnjAnXwNxk6Z9JuqTNpsiDrLqpGj+UJ1O4Vxj +FveZqEemK3z7WPWoLg3IVDK2BMa5RgCBEJ+xvDAgaZblELHv4m5zdcRwXUgyBkKi +dMeJ3k7yVW6+7NBQSRwgaGZQYJ8uKR6M3CHJdEDhZeq5JiEbGT0ZbEQO6KIJ5PP1 +gJno8CeheMwifRvb4CKUIzEjvrpv0WASwpde/j0pbwWJ3uMDOKp8tswMayZHYnGr +a2BCXbfzIkpj3cgZQ2BOeNg92MWVRBPEF+mFaWqrfIQAmMHO2rB65aPhb+XaEktR +Zkj0aNVBMwF7exAG9UC5+06czkJ1RhQeb8FN2+TX1QWwMKfd6sFtVQSWltfgXIbD +DMBeVuC3SW6Fo6M1bPlX7lpVR6ZkyBrfB8AUSaMbrL51fF9ZuWfdZAqLHg0s6fIE +i4k/J1C1c/eCF7/DEtPu6wIDAQABoz0wOzAaBgNVHREEEzARgg9raXJjd2ViMDIu 
+a2kuc2UwHQYDVR0OBBYEFOgLHOprx64wQ+8aB1c/e2zErq+PMA0GCSqGSIb3DQEB +CwUAA4IBgQCFv+Qvf4jh7+NDllAaOcriC+Q//o0CbXYZ7i+7wPI2XMXhkMchkhWD +melhaum7lZuj27h1K6Q/1EPJ+h/zjRnoTSld3lu/Iud5Hvop/rbWsVrOiGwUx21F +Ifv+B/Jhx85zWWyxKz6Q3Q20fABMNB0F3+JoXJ7AbGKHtQGwEGEYJrbZuUKdFRjP +vEUsYjQJjoqI8IYGj/jSbO729E9B+LV19Du5m9+8ZoxwYg1MKPY50r5fPgrOmjKp +UHyb4mX6dssg9GxtK7F1MPFGOt8BACx3HB6ELdlYtq69+9TvkFEzWAY/QodBlHAc +nf2UYuiwaOTric4Xmwsc9H7mdCmvacNuop+XjUu7XIBOIomgtukJ502CtJpBTSTV +hWjzcjusX4Q04zS8/IfOv1uMCogu29UnnuS2EB3hfw2sdT/0uLnLhTynO3sFplSb +nL71cJpvF0I3mQ3CrfoTkEW21VuwKoEs62tS8wFCNXcImaOUQMhm7LBe9kp05jC5 +DOBgIJcDatI= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.ki.se/Shibboleth.sso/Artifact/SOAP" index="2"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.ki.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
Location="https://redcap.ki.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.ki.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://redcap.ki.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://redcap.ki.se/Shibboleth.sso/SAML/POST" index="5"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://redcap.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/POST" index="7"/> + </md:SPSSODescriptor> + <md:ContactPerson contactType="administrative"> + <md:GivenName>Michal</md:GivenName> + <md:SurName>Kment</md:SurName> + <md:EmailAddress>mailto:michal.kment@ki.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/redcap.tst.ki.se-shibboleth.xml b/swamid-2.0/redcap.tst.ki.se-shibboleth.xml new file mode 100644 index 00000000..05cfa1f7 --- /dev/null +++ b/swamid-2.0/redcap.tst.ki.se-shibboleth.xml 
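Review bot: Two endpoints are listed twice with identical Binding and Location: `md:ArtifactResolutionService` index 1 and 2 (`/Shibboleth.sso/Artifact/SOAP`), and `md:AssertionConsumerService` index 1 and 7 (HTTP-POST at `/Shibboleth.sso/SAML2/POST`). This is probably generator output from overlapping handler definitions; it should be harmless to consumers, but it makes it harder to audit which URLs may receive assertions. I would remove the `index="2"` and `index="7"` entries. Separately, the only contact is a named person with `contactType="administrative"`; a role address with `contactType="technical"` or `contactType="support"` would serve better for incident handling.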
@@ -0,0 +1,91 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://redcap.tst.ki.se/shibboleth"> + <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> + <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> + <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> + 
<samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> + </samla:Attribute> + </mdattr:EntityAttributes> + </md:Extensions> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://redcap.tst.ki.se/Shibboleth.sso/DS/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://redcap.tst.ki.se/Shibboleth.sso/DS/Login" index="1"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">REDCap - Karolinska Institutet (test)</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">REDCap - Karolinska Institutet (test)</mdui:DisplayName> + <mdui:Description xml:lang="sv">REDCap datainsamlingsverktyg för forskare på Karolinska Institutet</mdui:Description> + <mdui:Description xml:lang="en">REDCap data collection tool for researchers at Karolinska Institutet</mdui:Description> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>kitstrcweb01.tst.ki.se</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=kitstrcweb01.tst.ki.se</ds:X509SubjectName> + <ds:X509Certificate>MIIECTCCAnGgAwIBAgIJAP3vO5Tgfa3oMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV +BAMTFmtpdHN0cmN3ZWIwMS50c3Qua2kuc2UwHhcNMTcwNjEzMDc1NzExWhcNMjcw +NjExMDc1NzExWjAhMR8wHQYDVQQDExZraXRzdHJjd2ViMDEudHN0LmtpLnNlMIIB +ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAuLIFz5Hq1AguBFIu+sdGx9tv +0kZulE1yzftYlEv+faAWMQIp1fOL8WwF8XM2LamU+OdQ4pxq3WcCQxd04kZ5h7Nl +kRgtGVaOhrXTBS5hiBXD0Y5FUk7KM3gJabzfdBFERTkK3iFyyxFbyOMoXdvh0QvX +yWA5XwdRoDoAJvv49oSlYkcyhhhUWPJVxJsOg5DScIwfNCXcR62QXUr1OBgv95mL 
+W1qGybhxhGkTSTYS//BfOF+6u4wUERIhWCqTJ8GXw5W6GuOvIaZXx3UDr53k4KLB +VPowZhVF23MgqCTdN8khOdJA0Fy08xuKyoOZVEePrTGjDvwKZS6fpoiI0Ycoq5d4 +1dc5dPFB84OdEXCACZnkCCt+S5MIzlb17Pl+h0DP0j7jEtLtS+tVX0kgJxBexhgW +h91g+UU11AUDJ1xZgpJg5I4OEzjdF9W6K/+EV156oc6iGsOqIM7eZWPtxZg08zJm +VWrkJ1cdhFhnscrCCYBOIgP/Obvx8+5Pll6te9ADAgMBAAGjRDBCMCEGA1UdEQQa +MBiCFmtpdHN0cmN3ZWIwMS50c3Qua2kuc2UwHQYDVR0OBBYEFA1Iz6/3hgIQFbRY +o8xpWXyxBdJ+MA0GCSqGSIb3DQEBCwUAA4IBgQAbjB/IwQR+XVVweB0RNNSJ+S8k +0khGp+Bpab8NBGSsEY4W1hGn4lS1G/EHgmy+woSuVTYELF3hLEk8nEiiqjHHDFO5 +g69h++EVSHtio9TsrbnD8Oj8mJktNWMRyPbqr6iRcZ0QumJuPH/8y9xYaTg5Ysi5 +xT1+lUL9yZFwq2mIT3XpBQ2wvIpn4tN4eAAuVbAGk8hJ9MkTrQaP3RdWVu9eJWwu +LyjudMQkmcaN/1yhjkHG4zSqFp1F96RGAB2JaRlp53xZWhhUZY6JDINffYQxnc0t +uDu+x0M0CGz38WNOE/SxBKUCPOcu1UGYoGue9hgHuiAjUbhTneuBCcsvYKzSSgL0 +4HZqaoFpD/IZzS2I8oil9KTiWH4FL3uW1yDDlcK88Ela4FQXam7oR50HecHEaTvZ +7P+5W09xwWZfY6XhCziV4uUDu2Dya5qspePpSBj++xlZP65bs9td2TNK0y2gDdOo +Gve8ozn6yxplJyB0jvZae8kfE4LtXr4adWlYG2E= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.tst.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:ArtifactResolutionService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.tst.ki.se/Shibboleth.sso/Artifact/SOAP" index="2"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/Artifact"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.tst.ki.se/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> + <md:ContactPerson contactType="administrative"> + <md:GivenName>Michal</md:GivenName> + <md:SurName>Kment</md:SurName> + <md:EmailAddress>mailto:michal.kment@ki.se</md:EmailAddress> + </md:ContactPerson> +</md:EntityDescriptor> diff --git a/swamid-2.0/registrera.hb.se-shibboleth.xml b/swamid-2.0/registrera.hb.se-shibboleth.xml deleted file mode 100644 index 9fdc2816..00000000 --- a/swamid-2.0/registrera.hb.se-shibboleth.xml +++ /dev/null 
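Review bot: The algorithm lists in this new entity still advertise SHA-1 (`http://www.w3.org/2000/09/xmldsig#sha1`, `rsa-sha1`, `dsa-sha1`, `ecdsa-sha1`) and, under `md:KeyDescriptor`, `tripledes-cbc` together with the unauthenticated AES-CBC modes, so a peer that follows the SP's advertised support can still select them. The list looks like unedited SP-generated defaults, which I cannot confirm from the diff. If no IdP in the federation needs the legacy entries, remove the four `...sha1` lines and `<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>`, keeping the GCM entries first. The same lists appear in the staging.cloudmore.com hunk and at the end of the redcap.ki.se hunk, both of which extend beyond what is shown here.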
@@ -1,101 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://registrera.hb.se/shibboleth"> - <md:Extensions> - <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> - <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> - <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> - <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue> - <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue> - </samla:Attribute> - </mdattr:EntityAttributes> - </md:Extensions> - <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> - <md:Extensions> - <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> - <mdui:DisplayName xml:lang="sv">HB Registrering</mdui:DisplayName> - <mdui:DisplayName xml:lang="en">HB Registration</mdui:DisplayName> - <mdui:Description xml:lang="sv">Studentportal för registrering och kontoskapande på Högskolan i Borås.</mdui:Description> - <mdui:Description xml:lang="en">Studentportal for registration and account creation at Högskolan i Borås.</mdui:Description> - </mdui:UIInfo> - </md:Extensions> - <md:KeyDescriptor use="signing"> - <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:KeyName>registrera.hb.se</ds:KeyName> - <ds:KeyName>vm-registrera.hb.se</ds:KeyName> - <ds:X509Data> - <ds:X509SubjectName>CN=registrera.hb.se,OU=GF,O=H\C3\B6gskolan i Bor\C3\A5s,C=SE</ds:X509SubjectName> - <ds:X509Certificate>MIIECjCCAvKgAwIBAgIRAMRSDmNt6njEH0n9VYTNaVgwDQYJKoZIhvcNAQEFBQAw -NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B 
-IFNTTCBDQTAeFw0wOTEyMTQwMDAwMDBaFw0xMjEyMTMyMzU5NTlaMFMxCzAJBgNV -BAYTAlNFMRwwGgYDVQQKDBNIw7Znc2tvbGFuIGkgQm9yw6VzMQswCQYDVQQLEwJH -RjEZMBcGA1UEAxMQcmVnaXN0cmVyYS5oYi5zZTCBnzANBgkqhkiG9w0BAQEFAAOB -jQAwgYkCgYEAyN72d/ptyFijjHr3r/6TzZUHYbBAxMBfLCLhBcTYUoSs1NmVfq4v -j9Gg9o9p4YHNkciQ3IlG/gX6YpbhdVNVAwoer+NAAwv7kyh6pCPYs1/UbT2cNdt4 -+2pmVGYYvephTGdiPD/l6+eJ2MSLIjg1OPyLLIc55/QwckVZ+aNxG5UCAwEAAaOC -AXgwggF0MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQW -BBThMU05NRahK0xF+83OWb60YYywkDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/ -BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzAN -BgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50 -ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYB -BQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0 -MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAwBgNVHREE -KTAnghByZWdpc3RyZXJhLmhiLnNlghN2bS1yZWdpc3RyZXJhLmhiLnNlMA0GCSqG -SIb3DQEBBQUAA4IBAQCb7n3q9y9pWZoFLkQTfjkf+/CmXKP2KqLYRDutieeAN7HG -m4odw7GslpKCcl7wkrRRGRAMj0SIbKP8sQoBfTebL1tIM6Yj+Tba2Ew+u0aGnXpv -YuBPTLErr2fkkk/ZcY4JeqB3FTqes195SZF8WVtxJeI88dFMjK9kOLA5CK2EE/bd -y+LBcpEC8uLx4GF6FJl5eQbnrR25A+VDqkxY+UtAVX/3m+XIeIg6n70LvnFTJmy+ -MbcotK0FqbwSIN7oyLWe5SjUSkrf/LAD/R3CXyGZvcGuUx3cX1ur7exlKMun6/lP -Ni1kp0+3QaewFNePHmM8yl2mPmQulTWmlzOZN9ue -</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </md:KeyDescriptor> - <md:KeyDescriptor use="encryption"> - <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:KeyName>registrera.hb.se</ds:KeyName> - <ds:KeyName>vm-registrera.hb.se</ds:KeyName> - <ds:X509Data> - <ds:X509SubjectName>CN=registrera.hb.se,OU=GF,O=H\C3\B6gskolan i Bor\C3\A5s,C=SE</ds:X509SubjectName> - <ds:X509Certificate>MIIECjCCAvKgAwIBAgIRAMRSDmNt6njEH0n9VYTNaVgwDQYJKoZIhvcNAQEFBQAw -NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B -IFNTTCBDQTAeFw0wOTEyMTQwMDAwMDBaFw0xMjEyMTMyMzU5NTlaMFMxCzAJBgNV -BAYTAlNFMRwwGgYDVQQKDBNIw7Znc2tvbGFuIGkgQm9yw6VzMQswCQYDVQQLEwJH 
-RjEZMBcGA1UEAxMQcmVnaXN0cmVyYS5oYi5zZTCBnzANBgkqhkiG9w0BAQEFAAOB -jQAwgYkCgYEAyN72d/ptyFijjHr3r/6TzZUHYbBAxMBfLCLhBcTYUoSs1NmVfq4v -j9Gg9o9p4YHNkciQ3IlG/gX6YpbhdVNVAwoer+NAAwv7kyh6pCPYs1/UbT2cNdt4 -+2pmVGYYvephTGdiPD/l6+eJ2MSLIjg1OPyLLIc55/QwckVZ+aNxG5UCAwEAAaOC -AXgwggF0MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQW -BBThMU05NRahK0xF+83OWb60YYywkDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/ -BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzAN -BgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50 -ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYB -BQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0 -MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAwBgNVHREE -KTAnghByZWdpc3RyZXJhLmhiLnNlghN2bS1yZWdpc3RyZXJhLmhiLnNlMA0GCSqG -SIb3DQEBBQUAA4IBAQCb7n3q9y9pWZoFLkQTfjkf+/CmXKP2KqLYRDutieeAN7HG -m4odw7GslpKCcl7wkrRRGRAMj0SIbKP8sQoBfTebL1tIM6Yj+Tba2Ew+u0aGnXpv -YuBPTLErr2fkkk/ZcY4JeqB3FTqes195SZF8WVtxJeI88dFMjK9kOLA5CK2EE/bd -y+LBcpEC8uLx4GF6FJl5eQbnrR25A+VDqkxY+UtAVX/3m+XIeIg6n70LvnFTJmy+ -MbcotK0FqbwSIN7oyLWe5SjUSkrf/LAD/R3CXyGZvcGuUx3cX1ur7exlKMun6/lP -Ni1kp0+3QaewFNePHmM8yl2mPmQulTWmlzOZN9ue -</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </md:KeyDescriptor> - <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/SLO/SOAP"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Redirect"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SLO/POST"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Artifact"/> - 
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/NIM/SOAP"/> - <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/NIM/Redirect"/> - <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/NIM/POST"/> - <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/NIM/Artifact"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST" index="1"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://registrera.hb.se/Shibboleth.sso/SAML/POST" index="5"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://registrera.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/> - </md:SPSSODescriptor> -</md:EntityDescriptor> diff --git a/swamid-2.0/scalear-saml.herokuapp.com.xml b/swamid-2.0/scalear-saml.herokuapp.com.xml index 5a61fc2f..0151e980 100644 --- a/swamid-2.0/scalear-saml.herokuapp.com.xml +++ b/swamid-2.0/scalear-saml.herokuapp.com.xml 
@@ -29,11 +29,12 @@ </ds:KeyInfo> </md:KeyDescriptor> <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://scalear-saml.herokuapp.com/saml/consume"/> </md:SPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en">Scalable Learning</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en">Scalable Learning</md:OrganizationDisplayName> - <md:OrganizationURL xml:lang="en">www.scalable-learning.com</md:OrganizationURL> + <md:OrganizationURL xml:lang="en">https://www.scalable-learning.com</md:OrganizationURL> </md:Organization> </md:EntityDescriptor> diff --git a/swamid-2.0/scalear-staging2.herokuapp.com.xml b/swamid-2.0/scalear-staging2.herokuapp.com.xml index b25203f0..84057d0d 100644 --- a/swamid-2.0/scalear-staging2.herokuapp.com.xml +++ b/swamid-2.0/scalear-staging2.herokuapp.com.xml @@ -48,9 +48,8 @@ qONqqzvm+WBOIQ== </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> - <md:NameIDFormat> -urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress -</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://scalear-staging2.herokuapp.com/saml/consume"/> <md:AttributeConsumingService index="0"> <md:ServiceName xml:lang="en">Scalable Learning</md:ServiceName> diff --git a/swamid-2.0/selfservice.hb.se-shibboleth.xml b/swamid-2.0/selfservice.hb.se-shibboleth.xml index 597d31e9..ebf94887 100644 --- a/swamid-2.0/selfservice.hb.se-shibboleth.xml +++ b/swamid-2.0/selfservice.hb.se-shibboleth.xml 
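Review bot: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` remains the first `md:NameIDFormat` after the persistent format is added, so the metadata still invites an IdP to send a mail address as the subject identifier. Mail addresses can be reassigned, and if the SP keys accounts on the NameID (not visible in this diff) a reused address would map to the previous owner's account. If persistent is the intended key, list it alone, `<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>`, or at least first. The scalear-staging2.herokuapp.com hunk that follows has the same ordering; in both files the enclosing `md:SPSSODescriptor` starts outside the hunk.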
@@ -1,22 +1,22 @@ <?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://selfservice.hb.se/Shibboleth"> - <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> - <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> - <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> - <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> - <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> - <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> - <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> + <md:Extensions> + <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> + <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> + <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <alg:DigestMethod 
xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> + <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
Name="http://macedir.org/entity-category"> <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue> 
@@ -32,18 +32,18 @@ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://selfservice.hb.se/Shibboleth.sso/DS/ds.swamid.se"/> <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://selfservice.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://selfservice.hb.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/> - <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://registrera.hb.se/Shibboleth.sso/Login"/> - <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://registrera.hb.se/Shibboleth.sso/Login" index="1"/> - <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://registrera.hb.se/Shibboleth.sso/DS/ds.swamid.se"/> - <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://registrera.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/> - <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://registrera.hb.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" 
Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/Login"/> <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://konto.hb.se/Shibboleth.sso/Login" index="1"/> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/DS/ds.swamid.se"/> <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://konto.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://admin.konto.hb.se/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://admin.konto.hb.se/Shibboleth.sso/Login" index="1"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://admin.konto.hb.se/Shibboleth.sso/DS/ds.swamid.se"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://admin.konto.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/> <init:RequestInitiator 
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/WAYF/login.idp.eduid.se"/> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/https://idp.hb.se/idp/profile/Shibboleth/SSO"/> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://admin.konto.hb.se/Shibboleth.sso/https://idp.hb.se/idp/profile/Shibboleth/SSO"/> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> <mdui:DisplayName xml:lang="sv">HB SelfService</mdui:DisplayName> <mdui:DisplayName xml:lang="en">HB SelfService</mdui:DisplayName> 
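Review bot: The added `idpdisc:DiscoveryResponse` entries for admin.konto.hb.se reuse `index="1"` and `index="2"`, which the konto.hb.se entries in the same `md:Extensions` already carry. Indexed endpoints are meant to be unique within their role so that a protocol message can reference exactly one of them; with duplicates, which host receives the response depends on the consumer's tie-breaking. Give the new entries values not used elsewhere in the file, for example `index="5"` and `index="6"` if those are free (the element list starts above the hunk). The `@@ -86,34 +86,34 @@` hunk repeats this for `md:ArtifactResolutionService` (`index="1"` on three hosts) and for the `md:AssertionConsumerService` set (1, 3, 4, 5, 6 per host), where an `AssertionConsumerServiceIndex` in a request would be ambiguous.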
@@ -86,34 +86,34 @@ JiEYVlHMJBAwzl9O8U5S35FL0p5iFCCIEvwgoNzeaktYyd0JXC847Y75LM1RcA== <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> </md:KeyDescriptor> <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://selfservice.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/> - <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/> <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://konto.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://admin.konto.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/SOAP"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/Redirect"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/POST"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/Artifact"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/SLO/SOAP"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Redirect"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SLO/POST"/> - <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" 
Location="https://registrera.hb.se/Shibboleth.sso/SLO/Artifact"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://konto.hb.se/Shibboleth.sso/SLO/SOAP"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://konto.hb.se/Shibboleth.sso/SLO/Redirect"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hb.se/Shibboleth.sso/SLO/POST"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://konto.hb.se/Shibboleth.sso/SLO/Artifact"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/SOAP"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/Redirect"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/POST"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/Artifact"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://selfservice.hb.se/Shibboleth.sso/SAML2/POST" index="1"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://selfservice.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://selfservice.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://selfservice.hb.se/Shibboleth.sso/SAML/POST" index="5"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" 
Location="https://selfservice.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST" index="1"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://registrera.hb.se/Shibboleth.sso/SAML/POST" index="5"/> - <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://registrera.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hb.se/Shibboleth.sso/SAML2/POST" index="1"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://konto.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://konto.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://konto.hb.se/Shibboleth.sso/SAML/POST" index="5"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://konto.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML2/POST" index="1"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" 
Location="https://admin.konto.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML/POST" index="5"/> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/> </md:SPSSODescriptor> </md:EntityDescriptor> diff --git a/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml b/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml index e3122a3b..3ea42757 100644 --- a/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml +++ b/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml @@ -62,8 +62,8 @@ <EmailAddress>mailto:avesupp@microsoft.com</EmailAddress> </ContactPerson> <ContactPerson contactType="administrative"> - <GivenName>Jhansi Reddy</GivenName> - <EmailAddress>mailto:jhansir@microsoft.com</EmailAddress> + <GivenName>Gaurav Kakodkar</GivenName> + <EmailAddress>mailto:gauraka@microsoft.com</EmailAddress> </ContactPerson> <ContactPerson contactType="support"> <GivenName>AVE Support</GivenName> diff --git a/swamid-2.0/staging.cloudmore.com-shibboleth.xml b/swamid-2.0/staging.cloudmore.com-shibboleth.xml new file mode 100644 index 00000000..e489216f --- /dev/null +++ b/swamid-2.0/staging.cloudmore.com-shibboleth.xml 
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://staging.cloudmore.com/shibboleth">
+ <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+ <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ </md:Extensions>
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://staging.cloudmore.com/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://staging.cloudmore.com/Shibboleth.sso/Login" index="1"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://staging.cloudmore.com/Shibboleth.sso/Login" index="2"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://staging.cloudmore.com/Shibboleth.sso/Login" index="3"/> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName> + <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description> + <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL> + <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo> + </mdui:UIInfo> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName> + <ds:X509Data> + <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName> + <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV +BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3 +MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw +ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ +oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN +S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L +rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL +Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj 
+xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7 +0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p +JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV +EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R +BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8 +kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I +HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6 +ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW +oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n ++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt +oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB +TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV +nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4 +KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM= +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> + <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + </md:KeyDescriptor> + <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://staging.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/> + <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 
Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/student.utb2.ladok.se-student-sp.xml b/swamid-2.0/student.utb2.ladok.se-student-sp.xml
index 2cb3f99f..21164139 100644
--- a/swamid-2.0/student.utb2.ladok.se-student-sp.xml
+++ b/swamid-2.0/student.utb2.ladok.se-student-sp.xml
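Review bot: The `alg:` extension list and the `md:EncryptionMethod` list of this new entity still advertise SHA-1 and 3DES (`xmldsig#sha1`, `rsa-sha1`, `dsa-sha1`, `ecdsa-sha1`, `xmlenc#tripledes-cbc`), and `protocolSupportEnumeration` together with the `index="5"` and `index="6"` endpoints keeps SAML 1.x enabled, which looks like unedited SP-generated metadata. A peer that honours these lists may settle on the weakest entry, so I would remove those lines before registration and end the signing list at `<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>`. The `md:KeyDescriptor` also publishes `<ds:KeyName>stoprvfe01.domain01.net</ds:KeyName>` and the matching `ds:X509SubjectName`, a host name unrelated to staging.cloudmore.com. Unless a relying party is known to need name-based key matching, dropping both lines leaves the embedded certificate as the only key reference and avoids exposing what appears to be an internal name.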
@@ -30,12 +30,14 @@ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://student.utb2.ladok.se/Shibboleth.sso/Login"/> <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://student.utb2.ladok.se/Shibboleth.sso/Login" index="1"/> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> - <mdui:DisplayName xml:lang="sv">Ladok student.utb2.ladok.se</mdui:DisplayName> - <mdui:DisplayName xml:lang="en">Ladok student.utb2.ladok.se</mdui:DisplayName> - <mdui:InformationURL xml:lang="sv">https://www.ladok.se/</mdui:InformationURL> + <mdui:DisplayName xml:lang="sv">Ladok studentgränssnitt student.utb2.ladok.se</mdui:DisplayName> + <mdui:DisplayName xml:lang="en">Ladok student web student.utb2.ladok.se</mdui:DisplayName> <mdui:Description xml:lang="sv">Studieadministrativt systemstöd för universitet och högskolor i Sverige (Ladok)</mdui:Description> <mdui:Description xml:lang="en">Administration system for higher education in Sweden (Ladok)</mdui:Description> - <mdui:Logo height="64" width="64">https://student.utb2.ladok.se/branded/HSK/logo.png</mdui:Logo> + <mdui:Logo xml:lang="sv" width="96" height="98">https://student.utb2.ladok.se/logo/ladok_sv.png</mdui:Logo> + <mdui:Logo xml:lang="en" width="96" height="98">https://student.utb2.ladok.se/logo/ladok_en.png</mdui:Logo> + <mdui:InformationURL xml:lang="sv">http://www.ladok.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://www.ladok.se/</mdui:InformationURL> </mdui:UIInfo> </md:Extensions> <md:KeyDescriptor> 
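Review bot: Both `mdui:InformationURL` lines on the new side use `http://www.ladok.se/`, whereas the removed line pointed to `https://www.ladok.se/`. This link is presumably shown to users on discovery and consent pages, so the scheme should stay `https`: `<mdui:InformationURL xml:lang="sv">https://www.ladok.se/</mdui:InformationURL>`, and the same for `xml:lang="en"`. The `@@ -31,10 +31,12 @@` hunk of www.utb2.ladok.se-gui-sp.xml makes the same downgrade. The enclosing `md:Extensions` element opens above this hunk.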
@@ -44,25 +46,7 @@ <ds:KeyName>student.utb2.ladok.se</ds:KeyName> <ds:X509Data> <ds:X509SubjectName>CN=student.utb2.ladok.se</ds:X509SubjectName> - <ds:X509Certificate>MIIDMDCCAhigAwIBAgIJAPStLfWtHv8eMA0GCSqGSIb3DQEBCwUAMCAxHjAcBgNV -BAMTFXN0dWRlbnQudXRiMi5sYWRvay5zZTAeFw0xNzAzMTMxMTE2MjRaFw0yNzAz -MTExMTE2MjRaMCAxHjAcBgNVBAMTFXN0dWRlbnQudXRiMi5sYWRvay5zZTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOHMrGo61ebP4mT48B02x/WdSwpm -qG0RDGdcPx01jqNRph3bQj2PbWGpFBt2mRJALZCCbf9sIhGiaXWYROJxn54mWIkj -eQv5rgzjhj/FcCxiVm3Er8Dq6tv3vjZwcuH5q9/SxGGRQO6bo5igNebqEgAeoXFl -FFVO2apZP5qE4BZ8Fb+8mZbpsVnqEfe0AXCT4Lsd22zoN7P43HslWWYeli5dcg11 -/AK3Rde+SSD4nfhYJZw3XrWdOV1cquG0BdCd/JKH0oVb08yZPs06XELuLYFAjkYK -hWDRBV0YSZHpO9HFozBymBZKi7BTMrsTSoi1dv6m72pB4eUaBDbv5/lWyHECAwEA -AaNtMGswSgYDVR0RBEMwQYIVc3R1ZGVudC51dGIyLmxhZG9rLnNlhihodHRwczov -L3N0dWRlbnQudXRiMi5sYWRvay5zZS9zdHVkZW50LXNwMB0GA1UdDgQWBBSKmgbx -JDLd0/W1fs93U05dmzalRzANBgkqhkiG9w0BAQsFAAOCAQEAZlLv1eyFfQita2n/ -OlbHh5WR24EQos4lJd+g1pznm0M7KqfI2p+18HxDoC5P/S3mpV1EANdU2NGd2foS -pbcQ8aoBTg6nFa/kHqObUkdneozEMMAGt+jecsFaR0oWmsBpp/yMViRrYEmFF+sv -eoKnMsOtpdd/SmKBaexq2hNpGZXDylBzsd4i4N9EYaq1rbPTinFoLbQQL5D0/FTM -bEpwFk9wqlwDyoODf67DB0n+oEyluHhfi7sKzEupjsGnmsZYGMTlCxOtUW+cwTY1 -4xqevJh6KPmpUjpRCWRMEIkCUEwfNB/D23IkXYoYpr3cy2VFPL9rAKHPANAyOH6j -EkBQkA== -</ds:X509Certificate> + <ds:X509Certificate>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</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> 
@@ -90,4 +74,22 @@ EkBQkA== <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://student.utb2.ladok.se/Shibboleth.sso/SAML/POST" index="5"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://student.utb2.ladok.se/Shibboleth.sso/SAML/Artifact" index="6"/> </md:SPSSODescriptor> + <md:ContactPerson contactType="administrative"> + <md:Company>ITS, Umeå universitet</md:Company> + <md:SurName>Simon Johansson</md:SurName> + <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress> + <md:TelephoneNumber>46907866600</md:TelephoneNumber> + </md:ContactPerson> + <md:ContactPerson contactType="technical"> + <md:Company>ITS, Umeå universitet</md:Company> + <md:SurName>Simon Johansson</md:SurName> + <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress> + <md:TelephoneNumber>46907866600</md:TelephoneNumber> + </md:ContactPerson> + <md:ContactPerson contactType="support"> + <md:Company>ITS, Umeå universitet</md:Company> + <md:SurName>Ladok-supporten</md:SurName> + <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress> + <md:TelephoneNumber>46907866600</md:TelephoneNumber> + </md:ContactPerson> </md:EntityDescriptor> diff --git a/swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml b/swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml new file mode 100644 index 00000000..73d88ff9 --- /dev/null +++ b/swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml 
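Review bot: The three added `md:ContactPerson` blocks give the address as bare `ladoksupport@its.umu.se`, while other entities touched by this commit write the value as a `mailto:` URI; it should read `<md:EmailAddress>mailto:ladoksupport@its.umu.se</md:EmailAddress>` so that tooling that extracts contacts for incident handling can parse it. `md:SurName` holds a full name ("Simon Johansson") or a team name ("Ladok-supporten"), and splitting these into `md:GivenName` and `md:SurName` keeps the record consistent with the rest of the feed. `md:TelephoneNumber` would be less ambiguous with the international prefix written out, `+46907866600`, assuming 46 is the country code. The same blocks are added in the `@@ -88,4 +73,22 @@` hunk of www.utb2.ladok.se-gui-sp.xml, and test.itslearning.com.xml also omits `mailto:`.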
@@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8"?> +<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://test-rkh.pingpong.net/Shibboleth.sso/Metadata"> + <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> + <md:Extensions> + <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> + <mdui:DisplayName xml:lang="sv">TEST-PING PONG vid RKH </mdui:DisplayName> + <mdui:DisplayName xml:lang="en">TEST-PING PONG at RKH </mdui:DisplayName> + <mdui:Description xml:lang="sv">TEST-versionen av Lärplattformen PING PONG vid Röda korsets högskola. </mdui:Description> + <mdui:Description xml:lang="en">TEST-versionen av The learning platform PING PONG at The Swedish Red Cross University College. </mdui:Description> + <mdui:Logo height="168" width="50">https://test-rkh.pingpong.net/login/pingpong-logo-168x50.png </mdui:Logo> + <mdui:Logo height="16" width="16">https://test-rkh.pingpong.net/login/pingpong-logo-16x16.png + </mdui:Logo> + </mdui:UIInfo> + <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test-rkh.pingpong.net/Shibboleth.sso/Login"/> + </md:Extensions> + <md:KeyDescriptor> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAMVvfL7J0nz+MA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV +BAMTFGtydXNiYXIucGluZ3BvbmcubmV0MB4XDTEyMDYyODE1MDYzMFoXDTIyMDYy +NjE1MDYzMFowHzEdMBsGA1UEAxMUa3J1c2Jhci5waW5ncG9uZy5uZXQwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvh+Jg4oen/vUUGtx9eAaYY5rXtTFl +1nMfq5x3XghdSV8uPg4bQ6VXw/9fZVTnAO3iFrF1LrfjuZWhZN2iL40nXfM1isSR +mDZDF7CgqwsnoaVodgS/OyL9Q9iGOaXrM2lrN4ucuFAZcd3MUIrZjyBp3jtWkuTp +T1VHnicxVWbT8VsjrWAdj1MUFv2IeWPP1it+4dwUDZrLqKhRWnFAo8zGHXiyO+aw +U1Qb/52EShNykDHWBbtzgadLhPQzWQy5E457wvNVFbad0cc29vASufbIhzBGE/U3 +DdVI6jphpn5QMZfHhl9BLoqr9MJh1F1BRlL+HOcLXbQqg0JD/d1d7XAjAgMBAAGj 
+QjBAMB8GA1UdEQQYMBaCFGtydXNiYXIucGluZ3BvbmcubmV0MB0GA1UdDgQWBBQd +qBIVHafXKIz/Jr3tdLtcKbzR8zANBgkqhkiG9w0BAQUFAAOCAQEAKYOuyj800ABK +R99elNxsDEddcjmIJQbO5tAosETGVlyqqdWL2D1rtSw0CTQiaba5Ae/TcgR/fnOv +1g3uBZA26iQPbzsKGKYsB21aUEPJO0ZVhTdcid1tS672fOIZf1Y8+hmNh1psAurp +DNOpoBNLoM8S8P95Q7hM6xLM76D1R61q4kO3np/YLYwNQSsHnHddu8/9oJu5j7oV +KGPGrSczPfxG4plIUxm5tzNkHqNyYQttKrXGqdtCdkwjtYxS48G/ba1XkR/+baMf +D8OuFV1n1oNCM9fqRzlCOyA7ISZyMlfiMCP3HXs53AcrRAnUKYwkP6Q4dIPS3C4Y +LaCAPwuThQ== +</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </md:KeyDescriptor> + <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-rkh.pingpong.net/Shibboleth.sso/SAML2/POST" index="1"/> + </md:SPSSODescriptor> +</md:EntityDescriptor> diff --git a/swamid-2.0/test.itslearning.com.xml b/swamid-2.0/test.itslearning.com.xml new file mode 100644 index 00000000..06cd9ef8 --- /dev/null +++ b/swamid-2.0/test.itslearning.com.xml 
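Review bot: This new SP is registered without any `md:ContactPerson` or `md:Organization`, so the federation has nobody to notify if the test instance misbehaves or its key has to be rotated; at least a `<md:ContactPerson contactType="technical">` with a `mailto:` address supplied by the registrant should be added before `</md:EntityDescriptor>`. The embedded certificate appears, from its encoded text, to be issued for `krusbar.pingpong.net` rather than for this host, which suggests a key pair shared with another deployment and is worth confirming with the owner. Several values carry trailing whitespace or a line break inside the element; the 16x16 logo, for example, should read `<mdui:Logo height="16" width="16">https://test-rkh.pingpong.net/login/pingpong-logo-16x16.png</mdui:Logo>`. `height="168" width="50"` on the other logo also looks swapped, judging by the file name.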
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:mace:saml2v2.no:services:com.itslearning.test">
+ <Extensions>
+ <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+ <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+ <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+ <samla:AttributeValue>http://www.swamid.se/category/eu-adequate-protection</samla:AttributeValue>
+ </samla:Attribute>
+ </attr:EntityAttributes>
+ </Extensions>
+ <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+ <mdui:DisplayName xml:lang="en">itslearning</mdui:DisplayName>
+ <mdui:DisplayName xml:lang="sv">itslearning</mdui:DisplayName>
+ <mdui:Description xml:lang="en">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+ <mdui:Description xml:lang="sv">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+ <mdui:InformationURL xml:lang="sv">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+ <mdui:InformationURL xml:lang="en">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+ <mdui:PrivacyStatementURL xml:lang="sv">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+ <mdui:PrivacyStatementURL xml:lang="en">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+ </mdui:UIInfo>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+
<ds:X509Certificate>MIIDSjCCAjKgAwIBAgIJANHlAs0Pmk6oMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV +BAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJuaW5nLmNvbTAeFw0xMTA5MzAxMjExMzda +Fw0yMTA5MjcxMjExMzdaMCYxJDAiBgNVBAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJu +aW5nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOt9qnZRgl4E +zl58ZnyfD9+LHqkEwFeG1Y74/MnUftwMOsMqsZL7tvCgIflx5K9YQ4oFZR8FSVu7 +ZSqp/93uP0iMymHCxqYl7raJnAzOCHdAorucV1Epyqf+Is0NfNYcFDlr/r4jPx7d +GLjeKqkXwuvdctlLy56m5avaGgryzqwx5dB68WHOixY7ds63cx6412PXkiV2r5Ly +JiwRU+FWfajgsXRG86LXqyFj2iwPbjcNHx6iKLQ+Q31gmZuwhIFpSwTB2+Gxkx9O +l/b/c5C4eAuxHKjtS3IXgTxtYAKevLvd2OGGFoKAduodnaBJw2aQF5j/BUBhS/id +K/pAnP3QNuECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl +blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ9dNm6hCTPor+EU +TkkicbHDgscTMB8GA1UdIwQYMBaAFJ9dNm6hCTPor+EUTkkicbHDgscTMA0GCSqG +SIb3DQEBBQUAA4IBAQCV8x7Ee10nAPNTHcT1NldwxzMiawBm3+nFLbbakNGlELno +cPK6317hlwNcrXxsvitrm8atJj1SCnRhybN8+qNynytoz/9g+g0kCYcXkn17yoJV +cBhcgn2gebMgy8m5o5/mtBSYSLJpkILZFUnsOvGU+dqBlnkmwgEWQNqvd8HMciPV +pC6bXuEDApnz2Ma20sPgm5J1aWQMshJLh4aUj54qQjWlGgoUEaKJWRHkUqhPMFZ+ +pPxFefcnvS2BADNY6p7jdfy+/wYcNVq9BJlg2jcp12rv27D++qmyRxsRH+47L/xC +L0Gxkp4Wyq0nkpjQ4E2v9nFsPiXf4kL8Cc7Oa87n</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + <KeyDescriptor use="encryption"> + <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:X509Data> + <ds:X509Certificate>MIIDSjCCAjKgAwIBAgIJANHlAs0Pmk6oMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV +BAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJuaW5nLmNvbTAeFw0xMTA5MzAxMjExMzda +Fw0yMTA5MjcxMjExMzdaMCYxJDAiBgNVBAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJu +aW5nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOt9qnZRgl4E +zl58ZnyfD9+LHqkEwFeG1Y74/MnUftwMOsMqsZL7tvCgIflx5K9YQ4oFZR8FSVu7 +ZSqp/93uP0iMymHCxqYl7raJnAzOCHdAorucV1Epyqf+Is0NfNYcFDlr/r4jPx7d +GLjeKqkXwuvdctlLy56m5avaGgryzqwx5dB68WHOixY7ds63cx6412PXkiV2r5Ly +JiwRU+FWfajgsXRG86LXqyFj2iwPbjcNHx6iKLQ+Q31gmZuwhIFpSwTB2+Gxkx9O +l/b/c5C4eAuxHKjtS3IXgTxtYAKevLvd2OGGFoKAduodnaBJw2aQF5j/BUBhS/id 
+K/pAnP3QNuECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl +blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ9dNm6hCTPor+EU +TkkicbHDgscTMB8GA1UdIwQYMBaAFJ9dNm6hCTPor+EUTkkicbHDgscTMA0GCSqG +SIb3DQEBBQUAA4IBAQCV8x7Ee10nAPNTHcT1NldwxzMiawBm3+nFLbbakNGlELno +cPK6317hlwNcrXxsvitrm8atJj1SCnRhybN8+qNynytoz/9g+g0kCYcXkn17yoJV +cBhcgn2gebMgy8m5o5/mtBSYSLJpkILZFUnsOvGU+dqBlnkmwgEWQNqvd8HMciPV +pC6bXuEDApnz2Ma20sPgm5J1aWQMshJLh4aUj54qQjWlGgoUEaKJWRHkUqhPMFZ+ +pPxFefcnvS2BADNY6p7jdfy+/wYcNVq9BJlg2jcp12rv27D++qmyRxsRH+47L/xC +L0Gxkp4Wyq0nkpjQ4E2v9nFsPiXf4kL8Cc7Oa87n</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + </KeyDescriptor> + <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.itsltest.com/elogin/SingleLogoutHandler.aspx"/> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.itsltest.com/elogin/AssertionConsumerService.aspx" index="0" isDefault="true"/> + </SPSSODescriptor> + <Organization> + <OrganizationName xml:lang="en">itslearning (test)</OrganizationName> + <OrganizationDisplayName xml:lang="en">itslearning (test)</OrganizationDisplayName> + <OrganizationURL xml:lang="en">http://www.itslearning.eu</OrganizationURL> + </Organization> + <ContactPerson xml:lang="en" contactType="technical"> + <EmailAddress>support@itslearning.com</EmailAddress> + </ContactPerson> + <ContactPerson xml:lang="en" contactType="support"> + <EmailAddress>support@itslearning.com</EmailAddress> + </ContactPerson> +</EntityDescriptor> diff --git a/swamid-2.0/test.scalable-learning.com.xml b/swamid-2.0/test.scalable-learning.com.xml index 24a0e60d..73d4563d 100644 --- a/swamid-2.0/test.scalable-learning.com.xml +++ b/swamid-2.0/test.scalable-learning.com.xml 
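Review bot: `SPSSODescriptor` sets `WantAssertionsSigned="false"` while the only `AssertionConsumerService` uses the HTTP-POST binding, so message integrity rests entirely on the SP verifying the response-level signature. Unless that is confirmed for this deployment, register it with `WantAssertionsSigned="true"`. The encryption `KeyDescriptor` offers only `xmlenc#aes128-cbc`, and CBC-mode XML Encryption is malleable when ciphertext is processed before a signature is checked. If the SP supports it, add `<EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>` ahead of the CBC entry. The same certificate is listed under both `use="signing"` and `use="encryption"`, so separate key pairs would limit the impact of either key being exposed.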
@@ -48,10 +48,7 @@ ROE= </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> - <md:NameIDFormat> -urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress -</md:NameIDFormat> - <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://test.scalable-learning.com/saml/consume"/> <md:AttributeConsumingService index="0"> diff --git a/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml b/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml index c6b7fff8..d0eae56e 100644 --- a/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml +++ b/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml @@ -56,7 +56,7 @@ wWE+vceD2r7oFUYHr1E07cyX20HwNU1LL3TthPaNhs7M2ImLlYHapw== <EmailAddress>mailto:Gerry.OBrien@microsoft.com</EmailAddress> </ContactPerson> <ContactPerson contactType="administrative"> - <GivenName>Jhansi Reddy</GivenName> - <EmailAddress>mailto:Jhansi.reddy@microsoft.com</EmailAddress> + <GivenName>Gaurav Kakodkar</GivenName> + <EmailAddress>mailto:gauraka@microsoft.com</EmailAddress> </ContactPerson> </EntityDescriptor> diff --git a/swamid-2.0/wiki.edugain.org-shibboleth.xml b/swamid-2.0/wiki.edugain.org-shibboleth.xml deleted file mode 100644 index bd0bee1b..00000000 --- a/swamid-2.0/wiki.edugain.org-shibboleth.xml +++ /dev/null 
@@ -1,84 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd" entityID="https://wiki.edugain.org/shibboleth"> - <Extensions> - <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> - <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> - <saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue> - <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue> - </saml:Attribute> - </mdattr:EntityAttributes> - </Extensions> - <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol"> - <Extensions> - <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://wiki.edugain.org/Shibboleth.sso/Login"/> - <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://wiki.edugain.org/Shibboleth.sso/Login" index="1"/> - <mdui:UIInfo> - <mdui:PrivacyStatementURL xml:lang="en">https://wiki.edugain.org/eduGAIN:Privacy_policy</mdui:PrivacyStatementURL> - <mdui:DisplayName xml:lang="en">eduGAIN Wiki</mdui:DisplayName> - <mdui:Description xml:lang="en">This wiki provides recommendations and instructions on how to enable web services for 
eduGAIN.</mdui:Description> - <mdui:InformationURL xml:lang="en">http://wiki.edugain.org/</mdui:InformationURL> - <mdui:DisplayName xml:lang="de">eduGAIN Wiki</mdui:DisplayName> - <mdui:Description xml:lang="de">Dieses Wiki enthält Empfehlungen und Anleitungen um Webdienste für eduGAIN anzupassen.</mdui:Description> - <mdui:DisplayName xml:lang="fr">eduGAIN Wiki</mdui:DisplayName> - <mdui:Description xml:lang="fr">Ce wiki met à disposition des recommandations et instructions expliquant comment intégrer des services web dans eduGAIN.</mdui:Description> - </mdui:UIInfo> - </Extensions> - <KeyDescriptor> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate> -MIIC9zCCAd+gAwIBAgIJAMU9QRxFmNAuMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV -BAMTEHdpa2kuZWR1Z2Fpbi5vcmcwHhcNMTMwNzA0MTAzMTE0WhcNMjMwNzAyMTAz -MTE0WjAbMRkwFwYDVQQDExB3aWtpLmVkdWdhaW4ub3JnMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAnspkp3AJPuXFtIhJc3XTBKG8xF3Qk5CMvmDercSB -iBBJrQXsAKY+wEzZkH3gc3kFDP5J0uLHQ0wjZhwL5F7XBcqiIvbavIRtcxqVLGwQ -bySVZOfWimpm9LSguiJciJv5dPqhIyMHHkExhi6WLlqY9Am3vkvep5th7nZJ/Idt -XMMb+PkhSfmQRoZyZGh5n7nkbY88w3DHH9+i1HbyaCNS/+m2/BxQarEKWEWMngcm -yZX+eAY70QX8O9p3RTS3PT8fhgXp+gbCQWec33c1dbC37RZZQg3Iku4qlZIQc4ER -SCIkFF4x0qSCPjwDVHX2d2UypHJnbve2tKahUeOyXhtGEwIDAQABoz4wPDAbBgNV -HREEFDASghB3aWtpLmVkdWdhaW4ub3JnMB0GA1UdDgQWBBQmj8sgTfdCBiqStP+T -QyNcyrFNRTANBgkqhkiG9w0BAQUFAAOCAQEAXSa71FEzhRl0gbcHK3cKI/8SRsuM -BSJJNS/3fHQgr3q3Kozffd5r8i1sVQWd76FqjmN2ueqkYBT0XAAFTnvWUnhzSX6o -ZR7cNBsibRZHqbMQPOnxWk2IKafGT8HG+BTX/TD6ghX8OXbixuB9I+n9jNTphFGi -XklReN3a7H5LfzJZNw/IsEt/iII3vM0C3CG4udft7vPHUxoz/sg7vLB1QI5oCIKQ -czsnN6gKOhE3R9xBXmXEAe+7t0j+xUllfMpzN1visnwJfrBqmPxWZtoAofjZBUxy -nzhoxAesljRTtndfuhYcEnXorpwi2N+4SCaYnF1inyMnJz7xau5lKyxPhA== - </ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </KeyDescriptor> - <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> - <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> - 
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> - <AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://wiki.edugain.org/Shibboleth.sso/SAML2/POST"/> - <AssertionConsumerService index="2" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://wiki.edugain.org/Shibboleth.sso/SAML2/Artifact"/> - <AssertionConsumerService index="3" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://wiki.edugain.org/Shibboleth.sso/SAML2/ECP"/> - <AssertionConsumerService index="4" isDefault="true" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.edugain.org/Shibboleth.sso/SAML/POST"/> - <AssertionConsumerService index="5" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://wiki.edugain.org/Shibboleth.sso/SAML/Artifact"/> - <AttributeConsumingService index="1"> - <ServiceName xml:lang="en">eduGAIN Wiki</ServiceName> - <ServiceDescription xml:lang="en">This wiki provides recommendations and instructions on how to enable web services for eduGAIN.</ServiceDescription> - <RequestedAttribute FriendlyName="eduPersonTargetedID" isRequired="true" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> - <RequestedAttribute FriendlyName="eduPersonPrincipalName" isRequired="true" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> - <RequestedAttribute FriendlyName="email" isRequired="false" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> - <RequestedAttribute FriendlyName="displayName" isRequired="false" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> - <RequestedAttribute FriendlyName="surname" isRequired="false" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> 
- <RequestedAttribute FriendlyName="givenName" isRequired="false" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> - </AttributeConsumingService> - </SPSSODescriptor> - <Organization> - <OrganizationName xml:lang="en">geant.net</OrganizationName> - <OrganizationDisplayName xml:lang="en">GÉANT</OrganizationDisplayName> - <OrganizationURL xml:lang="en">http://www.geant.net/</OrganizationURL> - </Organization> - <ContactPerson contactType="support"> - <GivenName>eduGAIN</GivenName> - <SurName>Integration</SurName> - <EmailAddress>mailto:edugain-integration@geant.net</EmailAddress> - </ContactPerson> - <ContactPerson contactType="technical"> - <GivenName>eduGAIN</GivenName> - <SurName>Operation</SurName> - <EmailAddress>mailto:edugain-ot@geant.net</EmailAddress> - </ContactPerson> -</EntityDescriptor> diff --git a/swamid-2.0/www.scalable-learning.com.xml b/swamid-2.0/www.scalable-learning.com.xml index 5d337d8b..1c6ae3ef 100644 --- a/swamid-2.0/www.scalable-learning.com.xml +++ b/swamid-2.0/www.scalable-learning.com.xml @@ -47,9 +47,8 @@ fkpQngoTsFRNOJ5gwo2dZAVQYRBKXToI2elv5qW151WnpWn9gdQjaW7zzKSkPDRf </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> - <md:NameIDFormat> -urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress -</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat> + <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://www.scalable-learning.com/saml/consume"/> <md:AttributeConsumingService index="0"> <md:ServiceName xml:lang="en">Scalable Learning</md:ServiceName> 
@@ -66,6 +65,14 @@ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress <md:Organization> <md:OrganizationName xml:lang="en">Scalable Learning</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en">Scalable Learning</md:OrganizationDisplayName> - <md:OrganizationURL xml:lang="en">www.scalable-learning.com</md:OrganizationURL> + <md:OrganizationURL xml:lang="en">https://www.scalable-learning.com</md:OrganizationURL> </md:Organization> + <md:ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="technical"> + <Company>ScalableLearning</Company> + <EmailAddress>mailto:support@scalable-learning.com</EmailAddress> + </md:ContactPerson> + <md:ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="administrative"> + <Company>ScalableLearning</Company> + <EmailAddress>mailto:support@scalable-learning.com</EmailAddress> + </md:ContactPerson> </md:EntityDescriptor> diff --git a/swamid-2.0/www.utb2.ladok.se-gui-sp.xml b/swamid-2.0/www.utb2.ladok.se-gui-sp.xml index fdec7332..4ad85b88 100644 --- a/swamid-2.0/www.utb2.ladok.se-gui-sp.xml +++ b/swamid-2.0/www.utb2.ladok.se-gui-sp.xml 
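Review bot: Each added `md:ContactPerson` redeclares `xmlns="urn:oasis:names:tc:SAML:2.0:metadata"` so that `Company` and `EmailAddress` can be written without a prefix, while the other elements visible in this hunk use the `md:` prefix. It resolves to the same names, but the mixed style is easy to break when the file is edited by hand or merged into an aggregate. Prefer `<md:ContactPerson contactType="technical">` with `<md:Company>` and `<md:EmailAddress>` children and no local `xmlns`. The enclosing `md:EntityDescriptor` opens outside this hunk.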
@@ -31,10 +31,12 @@ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> <mdui:DisplayName xml:lang="sv">Ladok www.utb2.ladok.se</mdui:DisplayName> <mdui:DisplayName xml:lang="en">Ladok www.utb2.ladok.se</mdui:DisplayName> - <mdui:InformationURL xml:lang="sv">https://www.ladok.se/</mdui:InformationURL> <mdui:Description xml:lang="sv">Studieadministrativt systemstöd för universitet och högskolor i Sverige (Ladok)</mdui:Description> <mdui:Description xml:lang="en">Administration system for higher education in Sweden (Ladok)</mdui:Description> - <mdui:Logo height="64" width="64">https://www.utb2.ladok.se/branded/HSK/logo.png</mdui:Logo> + <mdui:Logo xml:lang="sv" width="96" height="98">https://www.utb2.ladok.se/logo/ladok_sv.png</mdui:Logo> + <mdui:Logo xml:lang="en" width="96" height="98">https://www.utb2.ladok.se/logo/ladok_en.png</mdui:Logo> + <mdui:InformationURL xml:lang="sv">http://www.ladok.se/</mdui:InformationURL> + <mdui:InformationURL xml:lang="en">http://www.ladok.se/</mdui:InformationURL> </mdui:UIInfo> </md:Extensions> <md:KeyDescriptor> 
@@ -43,24 +45,7 @@
 <ds:KeyName>www.utb2.ladok.se</ds:KeyName>
 <ds:X509Data>
 <ds:X509SubjectName>CN=www.utb2.ladok.se</ds:X509SubjectName>
- <ds:X509Certificate>MIIDHDCCAgSgAwIBAgIJAIf7iqkGRjAYMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV
-BAMTEXd3dy51dGIyLmxhZG9rLnNlMB4XDTE3MDMxMzA5NTk1OVoXDTI3MDMxMTA5
-NTk1OVowHDEaMBgGA1UEAxMRd3d3LnV0YjIubGFkb2suc2UwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDMMRaelknlKLqzo0ieyuezfWszMG34yEsWGx/i
-ELokGpYrxuPM7amP+E5V2DbsmWgBTJFD+zkV3es2EQPt5CVD9Lt1JRD/Fnyax3aP
-83VURF+joV3J+fp1VSfEcvE5lZkUncan8Vdj/xs2pLJUP3MtN7VbLSwjDJvYpyp6
-+hJxtldh6xJ3NcA6+XyY/ZAHHbK0GG/u1mMjUk28E5aZv3U4Lwb3h77rGZrGP3r8
-5KyI3VYexjbwkklfepFS2iFx6rGHs64Kq9Z0/7SlnYRIEF0A8GPxrmYYMYKM0QOs
-7zG9X0nHMNdEOpo2QZberJs7xbs4XKgOgf4iKMpjn/4qKeLbAgMBAAGjYTBfMD4G
-A1UdEQQ3MDWCEXd3dy51dGIyLmxhZG9rLnNlhiBodHRwczovL3d3dy51dGIyLmxh
-ZG9rLnNlL2d1aS1zcDAdBgNVHQ4EFgQUv6vJR6glRnsS32nclhRryJOAN94wDQYJ
-KoZIhvcNAQELBQADggEBAAL5pkqnkYJeezBb8Agmp8uHSMd+8laNbhv0fvUhGznV
-y+PgROw7HZ15oMZ0vXZlHpeRWpDJ39D0mjgmZDVG2TqoQQh5NVTjsEfFMeRybDPw
-ejvY8pFEBFxejqpizIYFGELUG1K+K0QRIOWY0rBojWP0uceRJqMW7DQQMTRBkDKG
-f21oSOpTDq5Qsynm3dRESp+ur5gBnONn0ayIuVehypt80sXLpF3QOCf/8cgTlKTA
-J2SulBZ/GU8WpyiZFlc7c2Ngw+yFfpOR5+6ez5jApKvwQ2vVm23BIdJw0KFq6Aln
-soJZI3B7GaeKhEWM6sEi+O9NIG7neyjJMWpXT0xQxec=
-</ds:X509Certificate>
+ <ds:X509Certificate>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</ds:X509Certificate>
 </ds:X509Data>
 </ds:KeyInfo>
 <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
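Review bot: If the single-line `ds:X509Certificate` carries a new key rather than a re-wrapped copy of the old one (its value is not visible in this view), the hunk swaps the key in one step with no overlap period. The enclosing `md:KeyDescriptor` opens outside this hunk and, as far as the neighbouring context shows, has no `use` attribute, so the same key would serve both signing and encryption. Identity providers still holding the cached old metadata would then encrypt to, or verify against, a key the SP may no longer use. For a rollover I would keep a second `<md:KeyDescriptor>` with the previous certificate in the file until the SP has switched, and remove it in a later commit.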
@@ -88,4 +73,22 @@ soJZI3B7GaeKhEWM6sEi+O9NIG7neyjJMWpXT0xQxec=
 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.utb2.ladok.se/Shibboleth.sso/SAML/POST" index="5"/>
 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.utb2.ladok.se/Shibboleth.sso/SAML/Artifact" index="6"/>
 </md:SPSSODescriptor>
+ <md:ContactPerson contactType="administrative">
+ <md:Company>ITS, Umeå universitet</md:Company>
+ <md:SurName>Simon Johansson</md:SurName>
+ <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+ <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="technical">
+ <md:Company>ITS, Umeå universitet</md:Company>
+ <md:SurName>Simon Johansson</md:SurName>
+ <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+ <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+ </md:ContactPerson>
+ <md:ContactPerson contactType="support">
+ <md:Company>ITS, Umeå universitet</md:Company>
+ <md:SurName>Ladok-supporten</md:SurName>
+ <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+ <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+ </md:ContactPerson>
 </md:EntityDescriptor>
|
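Review bot: All three added `md:EmailAddress` values are bare addresses, whereas SAML metadata expects a `mailto:` URI there, which is the form the Scalable Learning contacts in this same commit use. Tools that collect federation contacts for incident notification may skip or mis-parse the bare form, so I would write `<md:EmailAddress>mailto:ladoksupport@its.umu.se</md:EmailAddress>` in each contact. The administrative and technical entries also put the full name into `md:SurName`; splitting it into `<md:GivenName>Simon</md:GivenName>` and `<md:SurName>Johansson</md:SurName>` matches the schema's intent.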