From 1c7173e456b81877f662c75ee87b381b7a987649 Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Thu, 31 Aug 2017 11:39:08 +0200
Subject: Resolved SWAMID-184 remove of idp.suni.se

---
 swamid-2.0/idp.suni.se-adfs-services-trust.xml | 83 --------------------------
 swamid-idp-2.0.mxml                            |  1 -
 2 files changed, 84 deletions(-)
 delete mode 100644 swamid-2.0/idp.suni.se-adfs-services-trust.xml

diff --git a/swamid-2.0/idp.suni.se-adfs-services-trust.xml b/swamid-2.0/idp.suni.se-adfs-services-trust.xml
deleted file mode 100644
index 4106fb82..00000000
--- a/swamid-2.0/idp.suni.se-adfs-services-trust.xml
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idp.suni.se/adfs/services/trust">
-  <Extensions>
-    <shibmd:Scope regexp="false">suni.se</shibmd:Scope>
-  </Extensions>
-  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <Extensions>
-      <shibmd:Scope regexp="false">suni.se</shibmd:Scope>
-      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-        <mdui:DisplayName xml:lang="sv">Södertörns högskola (gamla)</mdui:DisplayName>
-        <mdui:DisplayName xml:lang="en">Södertörn University (old)</mdui:DisplayName>
-        <mdui:Description xml:lang="sv">Gammal IDP för Södertörns högskola.(används endast för antagning.se).</mdui:Description>
-        <mdui:Description xml:lang="en">Old IDP for Södertörn University. (Only used for antagning.se)</mdui:Description>
-        <mdui:InformationURL xml:lang="sv">https://www.sh.se/</mdui:InformationURL>
-        <mdui:InformationURL xml:lang="en">https://www.sh.se/p3/ext/content.nsf/aget?openagent&amp;key=startsideportal_engelsk_1308725461229</mdui:InformationURL>
-        <mdui:Logo height="100" width="100">https://www.sh.se/p3/ext/res.nsf/vRes/global_1448973984543_sh_ny_logo_eng_png/$File/sh-ny-logo-eng.png</mdui:Logo>
-      </mdui:UIInfo>
-    </Extensions>
-    <KeyDescriptor use="encryption">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIEYzCCA0ugAwIBAgIQZHPOuyVURJge5wdOa1kfEzANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTE0MDMxMTAwMDAwMFoXDTE3MDQzMDIzNTk1OVowOTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQDEwtpZHAuc3VuaS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB0RS/jwsLGyG8DB8mIqgzTcEwb5P/7y9beizxgvlJc3dbauQogUIwZtsUn2q7qbV5h66c68bl8fi+JhtJYWXXu/rA9d6i4cQSdKXJPTMAss2ZobcRmnVSDrj0ZTJ5+JBe+fuYI3cDaLy5rGz9PcgxqINcjM4wW01pKjnZzrVqbJ1dsSfWzU5AkMwVS+10UjQYLSeHg/2PAgfDRovqTqTfMpF16DXwx+OcqnJY2yN0JcpVggQNOE9a4y9L6qe0SYbbTlqbrlrz/X+0e4gQ8sjif4PdB4AXVb0dP9D3pjfLXim8leVarNN2knOPZmmFYWKEBNS5KHlkSnHFIyNFof3UCAwEAAaOCAWgwggFkMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBT3yAYidugFyhjhPMuNGIu6pA6hfzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwFgYDVR0RBA8wDYILaWRwLnN1bmkuc2UwDQYJKoZIhvcNAQEFBQADggEBAAdzCLw9BLbfTeYy0fLEWT4nrH5oBJ7G1Si/vdf8dvQlUF8gbtizKI/c7871smaPHge5DdwUwY9vqRkRrzeiM/mGUSgUCkN56Y17eTzmbvRQ6EPjpiZ/dlTBycedq2TmnxLM1VbO9Xx3rK07YdSdDn+y+n4GNJlL4NCED/rVDdsEBoy+nmztLLolGztRZPv8xLbCdE2vompEA7sbDsBv4hNCjsuVSCt8FlX3rz3uqaaNcG3r5tQ8VHtrQ7xCCRScSfoYoI0sgwE5BtThwDAi1arLp/tHN5Ow500zq4m8LZEdmGBZ56M3kIHEn1n8UOUlCMWYtYw1rIhX9FYyT8Dn2bY=</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <KeyDescriptor use="signing">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIEYzCCA0ugAwIBAgIQZHPOuyVURJge5wdOa1kfEzANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTE0MDMxMTAwMDAwMFoXDTE3MDQzMDIzNTk1OVowOTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQDEwtpZHAuc3VuaS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB0RS/jwsLGyG8DB8mIqgzTcEwb5P/7y9beizxgvlJc3dbauQogUIwZtsUn2q7qbV5h66c68bl8fi+JhtJYWXXu/rA9d6i4cQSdKXJPTMAss2ZobcRmnVSDrj0ZTJ5+JBe+fuYI3cDaLy5rGz9PcgxqINcjM4wW01pKjnZzrVqbJ1dsSfWzU5AkMwVS+10UjQYLSeHg/2PAgfDRovqTqTfMpF16DXwx+OcqnJY2yN0JcpVggQNOE9a4y9L6qe0SYbbTlqbrlrz/X+0e4gQ8sjif4PdB4AXVb0dP9D3pjfLXim8leVarNN2knOPZmmFYWKEBNS5KHlkSnHFIyNFof3UCAwEAAaOCAWgwggFkMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBT3yAYidugFyhjhPMuNGIu6pA6hfzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwFgYDVR0RBA8wDYILaWRwLnN1bmkuc2UwDQYJKoZIhvcNAQEFBQADggEBAAdzCLw9BLbfTeYy0fLEWT4nrH5oBJ7G1Si/vdf8dvQlUF8gbtizKI/c7871smaPHge5DdwUwY9vqRkRrzeiM/mGUSgUCkN56Y17eTzmbvRQ6EPjpiZ/dlTBycedq2TmnxLM1VbO9Xx3rK07YdSdDn+y+n4GNJlL4NCED/rVDdsEBoy+nmztLLolGztRZPv8xLbCdE2vompEA7sbDsBv4hNCjsuVSCt8FlX3rz3uqaaNcG3r5tQ8VHtrQ7xCCRScSfoYoI0sgwE5BtThwDAi1arLp/tHN5Ow500zq4m8LZEdmGBZ56M3kIHEn1n8UOUlCMWYtYw1rIhX9FYyT8Dn2bY=</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.suni.se/adfs/ls/"/>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.suni.se/adfs/ls/"/>
-    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.suni.se/adfs/ls/"/>
-    <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.suni.se/adfs/ls/"/>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.suni.se/adfs/ls/"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/cn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="cn"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonEntitlement" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Display Name"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/initials" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Initials"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/norEduPersonNIN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="norEduPersonNIN"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumber"/>
-    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/socialSecurityNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="socialSecurityNumberNotOld"/>
-  </IDPSSODescriptor>
-  <Organization>
-    <OrganizationName xml:lang="sv">Södertörns högskola (gamla)</OrganizationName>
-    <OrganizationName xml:lang="en">Södertörns University (old)</OrganizationName>
-    <OrganizationDisplayName xml:lang="sv">Södertörns högskola (gamla)</OrganizationDisplayName>
-    <OrganizationURL xml:lang="sv">http://www.sh.se/</OrganizationURL>
-  </Organization>
-  <ContactPerson contactType="support">
-    <GivenName>Tomas</GivenName>
-    <SurName>Legat</SurName>
-    <EmailAddress>mailto:server@sh.se</EmailAddress>
-    <TelephoneNumber>+46(0)86084000</TelephoneNumber>
-  </ContactPerson>
-</EntityDescriptor>
diff --git a/swamid-idp-2.0.mxml b/swamid-idp-2.0.mxml
index c3b98d5d..50402ba9 100644
--- a/swamid-idp-2.0.mxml
+++ b/swamid-idp-2.0.mxml
@@ -11,7 +11,6 @@
   <xi:include href="swamid-2.0/login.ki.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp.qa.lnu.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/adfs01.fhs.se-adfs-services-trust.xml"/>
-  <xi:include href="swamid-2.0/idp.suni.se-adfs-services-trust.xml"/>
   <xi:include href="swamid-2.0/idp3.hig.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp.sics.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/idp.his.se-idp-shibboleth.xml"/>
-- 
cgit v1.2.3


From e12029fe2711d76b6837f3f14adaf1750faf3061 Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Thu, 31 Aug 2017 11:53:49 +0200
Subject: Resolved SWAMID-185 added local.cloudmore.com

---
 sp-with-simplesign                            |  1 +
 swamid-2.0/local.cloudmore.com-shibboleth.xml | 78 +++++++++++++++++++++++++++
 swamid-sp-2.0.mxml                            |  1 +
 3 files changed, 80 insertions(+)
 create mode 100644 swamid-2.0/local.cloudmore.com-shibboleth.xml

diff --git a/sp-with-simplesign b/sp-with-simplesign
index 60f5223b..3ef52b47 100644
--- a/sp-with-simplesign
+++ b/sp-with-simplesign
@@ -133,6 +133,7 @@ ladok3test.its.umu.se-gui-sp.xml
 ladok3test.its.umu.se-user-idp.xml
 lartorget.sll.se-shibbolet.xml
 livesrv.ex.vr.se-idp-shibboleth.xml
+local.cloudmore.com-shibboleth.xml
 login-dev.du.se-idp-shibboleth.xml
 login.du.se-idp-shibboleth.xml
 login.idp.hhs.se-idp-shibboleth.xml
diff --git a/swamid-2.0/local.cloudmore.com-shibboleth.xml b/swamid-2.0/local.cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..e36d8f99
--- /dev/null
+++ b/swamid-2.0/local.cloudmore.com-shibboleth.xml
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://local.cloudmore.com/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://local.cloudmore.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://local.cloudmore.com/Shibboleth.sso/Login" index="1"/>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>desktop-cu2qb29</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=desktop-cu2qb29</ds:X509SubjectName>
+          <ds:X509Certificate>MIID9DCCAlygAwIBAgIJAJKf3OTHrjQ/MA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV
+BAMTD2Rlc2t0b3AtY3UycWIyOTAeFw0xNzAyMjcxNDU1MDdaFw0yNzAyMjUxNDU1
+MDdaMBoxGDAWBgNVBAMTD2Rlc2t0b3AtY3UycWIyOTCCAaIwDQYJKoZIhvcNAQEB
+BQADggGPADCCAYoCggGBALhxwbvMdesrUcyhorZ9bHNSWWtqJIrHPT9jGJI5W0oJ
+SosOLD/mrCSy618yHoYl+oo2nE4u/+VDE2CJhrjkThwp+C3bLI/jTYrn4E2w1cVw
+5ws1Cmo7iJ8wEsX4ZpvSpPG7DRUcppzDLbizGUZoZ/7lKDUWEqX+pUErrJCcxk7v
+hDlXyXXdkc4R18hUUIQHMu5XHjDQ7NH5rrLmxNcYdLEg9KG44CLmcgz3ptcDXZRp
+mhvAr55XtDq/3rk/bJODy65F+P/AzTK1AD3hr/7VtqANfp6Gj+FECC9ahVYcQg9z
+8YFrh3T2B86xnRwBpGj5GdAB1Sl48OqpoJvhRd0hAQnxPTyEyr/O3lQX0Ln68Ho2
+0SC+WkSi1GwGP+av8PKZj8UO5KeLwSeUYhqVMMs/jGrfaM278oHWldzo8VfVwsAR
+9/chJ6JN3bUum//bdIgwqQyxS+m+5/tCFZ3IAOWraXYJpofG+vtCJH5THWvC/Pfp
+P17k0KFHDONEbCy+BMJguwIDAQABoz0wOzAaBgNVHREEEzARgg9kZXNrdG9wLWN1
+MnFiMjkwHQYDVR0OBBYEFBJHwGN/tsmAUm7VVbqf3BLHTKNaMA0GCSqGSIb3DQEB
+CwUAA4IBgQC20sT9vv9RVhEvItcTDpV/hOtrhcAtDLfe0jUnycscDbN+zsn9TVE+
+oWyV1a90/YiTbVAdyTW518NjU4APqwghEhHlY2U1wNCsYFxmceQvyCyAAfZjvugR
+xxw8YnPc3z2M8sriHpnvLEwG84ZGn5VmKAmFlapmpM3SuhT+jg716oB8ZZuB3IRh
+tPrIQXdSEtsL+Ogol+UtbraP1iseSmpFoCNLSpUgsdIf0U4BMXEfVAMv3R1w7elR
+FefUWlzgJ1UG0hSKIZilR8YMI0o3fF9nfMDWkGgyV5+fbnogKVNNQIbiFIIIBdhH
+a9ikla+Yzxv5MqqlRh0dlbjwuPWUEbxzV01N7gjtUp+m3G8HAWe/84bGNzqW5L0J
+ImSwMsvQbjyWBkgs0ruxX7osN1cqyIMRB3KefI7XpBrQXmVqS7IbtGgypYZieVSo
+z8vMYWDvzD5siJ/O46xnsMzwTu2JXhVJpR0jzoADSftjsQe+4wgLXVg+46mapDoc
+f49DvQ516YA=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://local.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://local.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://local.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index e614d80d..40f4dd12 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -666,4 +666,5 @@
   <xi:include href="swamid-2.0/portaluu.onricoh.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml"/>
   <xi:include href="swamid-2.0/zoom-saas-idp-proxy.sunet.se-sp.xml"/>
+  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From dbbaae574b8f6c510951044db4d994c30ee768cb Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Thu, 31 Aug 2017 11:58:02 +0200
Subject: Resolved SWAMID-180

---
 swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml b/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
index 5c7448b9..3f3def10 100644
--- a/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
+++ b/swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml
@@ -46,6 +46,5 @@ PMS4rjAWc41dsrr8CuH3t/NKbvDc9Rn6U+qLGttLcJ1Jlpw2i3fPGGJ+osSsX9+h3KUdLv9j7zJB
     <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
     <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kantarainitiative.org/confluence/plugins/servlet/samlsso" index="0"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kantarainitiative.org/confluence/plugins/servlet/samlsso" index="1"/>
   </md:SPSSODescriptor>
 </md:EntityDescriptor>
-- 
cgit v1.2.3


From a357b266316fb4f6eff06c5e5787e2dcf9349dfd Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Thu, 31 Aug 2017 20:34:39 +0200
Subject: Cleanup

---
 swamid-2.0/test.scalable-learning.com.xml | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/swamid-2.0/test.scalable-learning.com.xml b/swamid-2.0/test.scalable-learning.com.xml
index 24a0e60d..73d4563d 100644
--- a/swamid-2.0/test.scalable-learning.com.xml
+++ b/swamid-2.0/test.scalable-learning.com.xml
@@ -48,10 +48,7 @@ ROE=
         </ds:X509Data>
       </ds:KeyInfo>
     </md:KeyDescriptor>
-    <md:NameIDFormat>
-urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-</md:NameIDFormat>
-    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
     <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://test.scalable-learning.com/saml/consume"/>
     <md:AttributeConsumingService index="0">
-- 
cgit v1.2.3


From 6984231814825dac74d268e9e3f9746dcb7ac067 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Thu, 31 Aug 2017 20:38:02 +0200
Subject: More cleanup

---
 swamid-2.0/scalear-staging2.herokuapp.com.xml |  4 +---
 swamid-2.0/www.scalable-learning.com.xml      | 14 ++++++++++----
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/swamid-2.0/scalear-staging2.herokuapp.com.xml b/swamid-2.0/scalear-staging2.herokuapp.com.xml
index b25203f0..8c35e8c4 100644
--- a/swamid-2.0/scalear-staging2.herokuapp.com.xml
+++ b/swamid-2.0/scalear-staging2.herokuapp.com.xml
@@ -48,9 +48,7 @@ qONqqzvm+WBOIQ==
         </ds:X509Data>
       </ds:KeyInfo>
     </md:KeyDescriptor>
-    <md:NameIDFormat>
-urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://scalear-staging2.herokuapp.com/saml/consume"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">Scalable Learning</md:ServiceName>
diff --git a/swamid-2.0/www.scalable-learning.com.xml b/swamid-2.0/www.scalable-learning.com.xml
index 5d337d8b..cbc241dd 100644
--- a/swamid-2.0/www.scalable-learning.com.xml
+++ b/swamid-2.0/www.scalable-learning.com.xml
@@ -47,9 +47,7 @@ fkpQngoTsFRNOJ5gwo2dZAVQYRBKXToI2elv5qW151WnpWn9gdQjaW7zzKSkPDRf
         </ds:X509Data>
       </ds:KeyInfo>
     </md:KeyDescriptor>
-    <md:NameIDFormat>
-urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://www.scalable-learning.com/saml/consume"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">Scalable Learning</md:ServiceName>
@@ -66,6 +64,14 @@ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
   <md:Organization>
     <md:OrganizationName xml:lang="en">Scalable Learning</md:OrganizationName>
     <md:OrganizationDisplayName xml:lang="en">Scalable Learning</md:OrganizationDisplayName>
-    <md:OrganizationURL xml:lang="en">www.scalable-learning.com</md:OrganizationURL>
+    <md:OrganizationURL xml:lang="en">https://www.scalable-learning.com</md:OrganizationURL>
   </md:Organization>
+  <md:ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="technical">
+    <Company>ScalableLearning</Company>
+    <EmailAddress>mailto:support@scalable-learning.com</EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata" contactType="administrative">
+    <Company>ScalableLearning</Company>
+    <EmailAddress>mailto:support@scalable-learning.com</EmailAddress>
+  </md:ContactPerson>
 </md:EntityDescriptor>
-- 
cgit v1.2.3


From edbd9035acb660c937d446566bdd835409f14a40 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Fri, 1 Sep 2017 10:16:39 +0200
Subject: More eduGAIN cleanup

---
 swamid-2.0/scalear-saml.herokuapp.com.xml     | 3 ++-
 swamid-2.0/scalear-staging2.herokuapp.com.xml | 1 +
 swamid-2.0/www.scalable-learning.com.xml      | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/swamid-2.0/scalear-saml.herokuapp.com.xml b/swamid-2.0/scalear-saml.herokuapp.com.xml
index 5a61fc2f..0151e980 100644
--- a/swamid-2.0/scalear-saml.herokuapp.com.xml
+++ b/swamid-2.0/scalear-saml.herokuapp.com.xml
@@ -29,11 +29,12 @@
       </ds:KeyInfo>
     </md:KeyDescriptor>
     <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://scalear-saml.herokuapp.com/saml/consume"/>
   </md:SPSSODescriptor>
   <md:Organization>
     <md:OrganizationName xml:lang="en">Scalable Learning</md:OrganizationName>
     <md:OrganizationDisplayName xml:lang="en">Scalable Learning</md:OrganizationDisplayName>
-    <md:OrganizationURL xml:lang="en">www.scalable-learning.com</md:OrganizationURL>
+    <md:OrganizationURL xml:lang="en">https://www.scalable-learning.com</md:OrganizationURL>
   </md:Organization>
 </md:EntityDescriptor>
diff --git a/swamid-2.0/scalear-staging2.herokuapp.com.xml b/swamid-2.0/scalear-staging2.herokuapp.com.xml
index 8c35e8c4..84057d0d 100644
--- a/swamid-2.0/scalear-staging2.herokuapp.com.xml
+++ b/swamid-2.0/scalear-staging2.herokuapp.com.xml
@@ -49,6 +49,7 @@ qONqqzvm+WBOIQ==
       </ds:KeyInfo>
     </md:KeyDescriptor>
     <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://scalear-staging2.herokuapp.com/saml/consume"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">Scalable Learning</md:ServiceName>
diff --git a/swamid-2.0/www.scalable-learning.com.xml b/swamid-2.0/www.scalable-learning.com.xml
index cbc241dd..1c6ae3ef 100644
--- a/swamid-2.0/www.scalable-learning.com.xml
+++ b/swamid-2.0/www.scalable-learning.com.xml
@@ -48,6 +48,7 @@ fkpQngoTsFRNOJ5gwo2dZAVQYRBKXToI2elv5qW151WnpWn9gdQjaW7zzKSkPDRf
       </ds:KeyInfo>
     </md:KeyDescriptor>
     <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" index="1" Location="https://www.scalable-learning.com/saml/consume"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">Scalable Learning</md:ServiceName>
-- 
cgit v1.2.3


From 33a6a2f0c0c31404465aa3ae2dfa15b4e75cbe2f Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Fri, 1 Sep 2017 13:12:42 +0200
Subject: Resolves SWAMIDOPS-187

---
 swamid-2.0/portaluu.onricoh.se-shibboleth.xml | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/swamid-2.0/portaluu.onricoh.se-shibboleth.xml b/swamid-2.0/portaluu.onricoh.se-shibboleth.xml
index a03c4db3..4c22bbf6 100644
--- a/swamid-2.0/portaluu.onricoh.se-shibboleth.xml
+++ b/swamid-2.0/portaluu.onricoh.se-shibboleth.xml
@@ -17,18 +17,16 @@
     <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
     <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
     <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <md:Extensions>
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-        <Extensions xmlns="urn:mace:shibboleth:2.0:native:sp:config">
-          <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
-            <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-              <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
-              <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
-            </samla:Attribute>
-          </mdattr:EntityAttributes>
-        </Extensions>
         <mdui:DisplayName xml:lang="en">eduPrint</mdui:DisplayName>
         <mdui:DisplayName xml:lang="sv">eduPrint</mdui:DisplayName>
         <mdui:Description xml:lang="en">eduPrint is a print and photocopying system for students and employees at Uppsala University. Use eduPrint to print, make photocopies and scan documents and images.</mdui:Description>
-- 
cgit v1.2.3


From 57466af09d8c840954f2494eb198e8e1caeb3a92 Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Thu, 7 Sep 2017 09:24:12 +0200
Subject: Resolved SWAMID-192

---
 swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml | 4 ++--
 swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml b/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml
index e3122a3b..3ea42757 100644
--- a/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml
+++ b/swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml
@@ -62,8 +62,8 @@
     <EmailAddress>mailto:avesupp@microsoft.com</EmailAddress>
   </ContactPerson>
   <ContactPerson contactType="administrative">
-    <GivenName>Jhansi Reddy</GivenName>
-    <EmailAddress>mailto:jhansir@microsoft.com</EmailAddress>
+    <GivenName>Gaurav Kakodkar</GivenName>
+    <EmailAddress>mailto:gauraka@microsoft.com</EmailAddress>
   </ContactPerson>
   <ContactPerson contactType="support">
     <GivenName>AVE Support</GivenName>
diff --git a/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml b/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml
index c6b7fff8..d0eae56e 100644
--- a/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml
+++ b/swamid-2.0/testshib.msacademicverify.com-shibboleth-sp.xml
@@ -56,7 +56,7 @@ wWE+vceD2r7oFUYHr1E07cyX20HwNU1LL3TthPaNhs7M2ImLlYHapw==
     <EmailAddress>mailto:Gerry.OBrien@microsoft.com</EmailAddress>
   </ContactPerson>
   <ContactPerson contactType="administrative">
-    <GivenName>Jhansi Reddy</GivenName>
-    <EmailAddress>mailto:Jhansi.reddy@microsoft.com</EmailAddress>
+    <GivenName>Gaurav Kakodkar</GivenName>
+    <EmailAddress>mailto:gauraka@microsoft.com</EmailAddress>
   </ContactPerson>
 </EntityDescriptor>
-- 
cgit v1.2.3


From 3e221501bba46a2afb39dbd6e4bbb34943c431b7 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Fri, 8 Sep 2017 09:39:26 +0200
Subject: Resolves SWAMIDOPS-191

---
 swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml | 709 ++++++++++++++++++++++
 swamid-testing-idp-1.0.mxml                       |   1 +
 2 files changed, 710 insertions(+)
 create mode 100644 swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml

diff --git a/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml b/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
new file mode 100644
index 00000000..fbe8d40b
--- /dev/null
+++ b/swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml
@@ -0,0 +1,709 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="http://adfs.tad.hv.se/adfs/services/trust">
+  <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceDisplayName="University West" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType">
+    <KeyDescriptor use="encryption">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>MIIC3jCCAcagAwIBAgIQJUPVHNhj+JtCSmkUzj+l+TANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzUwMDNaFw0yMDEyMDIxMzUwMDNaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseBegVuR4rWwDh+u/358+9uUCp3D4ByUTlu8pAXGkwjMmgid/VnWoWbezvTMD4j7v/lRFP+HbotD4WNNvHjtIJ1klI07GqINL+Sh+muuPVmARumB4yISRJyCrAg0Y9BUP4U10uTK4pUciqtOy3WWOGmcnNH3oeMz9mkyzbn+l30aKFgubeCZk5ni7VRCWTW7pHs+n4laMYBgBWIOUamgfn1jbpi8j4MUA3Vt/Z3IW5UPp8tXuCM3cw5peQydvw0NYynk+lAhNyWupPQ/ckGS33AZZor3eYMnqgrz/h5QpMstpkpb5LGGoXlbS5CezjVqlRdLw/fuiW8IL0uj15hU6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAxz/0OiyG4GIHQjflw8fIXeZ6ciuKEC1gEwA4dyFnxNv/+F7hKD8l1aQwVVrYIjzUw1QjwlDsqXwEcxzFAE4xjcO7Luf0HpD3eR0edM4iDmR4yQPro0c7iguueaUWwpAL4Wxop+FsY8YLoz31qynXCQhZiEm45mwt73AzjW58rIyvLv52BgS5W1rw+3n4yjjxGXcNTcjXqTXNKKjGj/Q421hhTdqqlNQXNILZaeXi/qnI+8NE4Bfxo2NVMFUGN44CrcGqMXmgkpvmenwCCJ3uMiX1FLcfRiR49RcrtvnpcLh7z8u2ixbPDBzeXMv4qJddc4W6My6+nfSmtv3jYgijK</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </KeyDescriptor>
+    <fed:ClaimTypesRequested>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
+        <auth:DisplayName>E-Mail Address</auth:DisplayName>
+        <auth:Description>The e-mail address of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
+        <auth:DisplayName>Given Name</auth:DisplayName>
+        <auth:Description>The given name of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
+        <auth:DisplayName>Name</auth:DisplayName>
+        <auth:Description>The unique name of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn">
+        <auth:DisplayName>UPN</auth:DisplayName>
+        <auth:Description>The user principal name (UPN) of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/CommonName">
+        <auth:DisplayName>Common Name</auth:DisplayName>
+        <auth:Description>The common name of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/EmailAddress">
+        <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+        <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/Group">
+        <auth:DisplayName>Group</auth:DisplayName>
+        <auth:Description>A group that the user is a member of</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/UPN">
+        <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+        <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
+        <auth:DisplayName>Role</auth:DisplayName>
+        <auth:Description>A role that the user has</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
+        <auth:DisplayName>Surname</auth:DisplayName>
+        <auth:Description>The surname of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier">
+        <auth:DisplayName>PPID</auth:DisplayName>
+        <auth:Description>The private identifier of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">
+        <auth:DisplayName>Name ID</auth:DisplayName>
+        <auth:Description>The SAML name identifier of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant">
+        <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+        <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod">
+        <auth:DisplayName>Authentication method</auth:DisplayName>
+        <auth:Description>The method used to authenticate the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid">
+        <auth:DisplayName>Deny only group SID</auth:DisplayName>
+        <auth:Description>The deny-only group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid">
+        <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+        <auth:Description>The deny-only primary SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid">
+        <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+        <auth:Description>The deny-only primary group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid">
+        <auth:DisplayName>Group SID</auth:DisplayName>
+        <auth:Description>The group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid">
+        <auth:DisplayName>Primary group SID</auth:DisplayName>
+        <auth:Description>The primary group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid">
+        <auth:DisplayName>Primary SID</auth:DisplayName>
+        <auth:Description>The primary SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname">
+        <auth:DisplayName>Windows account name</auth:DisplayName>
+        <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser">
+        <auth:DisplayName>Is Registered User</auth:DisplayName>
+        <auth:Description>User is registered to use this device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier">
+        <auth:DisplayName>Device Identifier</auth:DisplayName>
+        <auth:Description>Identifier of the device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid">
+        <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
+        <auth:Description>Identifier for Device Registration</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname">
+        <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
+        <auth:Description>Display name of Device Registration</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype">
+        <auth:DisplayName>Device OS type</auth:DisplayName>
+        <auth:Description>OS type of the device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion">
+        <auth:DisplayName>Device OS Version</auth:DisplayName>
+        <auth:Description>OS version of the device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged">
+        <auth:DisplayName>Is Managed Device</auth:DisplayName>
+        <auth:Description>Device is managed by a management service</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip">
+        <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
+        <auth:Description>IP address of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application">
+        <auth:DisplayName>Client Application</auth:DisplayName>
+        <auth:Description>Type of the Client Application</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent">
+        <auth:DisplayName>Client User Agent</auth:DisplayName>
+        <auth:Description>Device type the client is using to access the application</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip">
+        <auth:DisplayName>Client IP</auth:DisplayName>
+        <auth:Description>IP address of the client</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path">
+        <auth:DisplayName>Endpoint Path</auth:DisplayName>
+        <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy">
+        <auth:DisplayName>Proxy</auth:DisplayName>
+        <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid">
+        <auth:DisplayName>Application Identifier</auth:DisplayName>
+        <auth:Description>Identifier for the Relying Party</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy">
+        <auth:DisplayName>Application policies</auth:DisplayName>
+        <auth:Description>Application policies of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier">
+        <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
+        <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints">
+        <auth:DisplayName>Basic Constraint</auth:DisplayName>
+        <auth:Description>One of the basic constraints of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku">
+        <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
+        <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer">
+        <auth:DisplayName>Issuer</auth:DisplayName>
+        <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername">
+        <auth:DisplayName>Issuer Name</auth:DisplayName>
+        <auth:Description>The distinguished name of the certificate issuer</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage">
+        <auth:DisplayName>Key Usage</auth:DisplayName>
+        <auth:Description>One of the key usages of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter">
+        <auth:DisplayName>Not After</auth:DisplayName>
+        <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore">
+        <auth:DisplayName>Not Before</auth:DisplayName>
+        <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy">
+        <auth:DisplayName>Certificate Policies</auth:DisplayName>
+        <auth:Description>The policies under which the certificate has been issued</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa">
+        <auth:DisplayName>Public Key</auth:DisplayName>
+        <auth:Description>Public Key of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata">
+        <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
+        <auth:Description>The raw data of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san">
+        <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
+        <auth:Description>One of the alternative names of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber">
+        <auth:DisplayName>Serial Number</auth:DisplayName>
+        <auth:Description>The serial number of a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm">
+        <auth:DisplayName>Signature Algorithm</auth:DisplayName>
+        <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject">
+        <auth:DisplayName>Subject</auth:DisplayName>
+        <auth:Description>The subject from the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier">
+        <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
+        <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
+        <auth:DisplayName>Subject Name</auth:DisplayName>
+        <auth:Description>The subject distinguished name from a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation">
+        <auth:DisplayName>V2 Template Name</auth:DisplayName>
+        <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename">
+        <auth:DisplayName>V1 Template Name</auth:DisplayName>
+        <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint">
+        <auth:DisplayName>Thumbprint</auth:DisplayName>
+        <auth:Description>Thumbprint of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version">
+        <auth:DisplayName>X.509 Version</auth:DisplayName>
+        <auth:Description>The X.509 format version of a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork">
+        <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
+        <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime">
+        <auth:DisplayName>Password Expiration Time</auth:DisplayName>
+        <auth:Description>Used to display the time when the password expires</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays">
+        <auth:DisplayName>Password Expiration Days</auth:DisplayName>
+        <auth:Description>Used to display the number of days to password expiry</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl">
+        <auth:DisplayName>Update Password URL</auth:DisplayName>
+        <auth:Description>Used to display the web address of update password service</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences">
+        <auth:DisplayName>Authentication Methods References</auth:DisplayName>
+        <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id">
+        <auth:DisplayName>Client Request ID</auth:DisplayName>
+        <auth:Description>Identifier for a user session</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid">
+        <auth:DisplayName>Alternate Login ID</auth:DisplayName>
+        <auth:Description>Alternate login ID of the user</auth:Description>
+      </auth:ClaimType>
+    </fed:ClaimTypesRequested>
+    <fed:TargetScopes>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+      </EndpointReference>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
+      </EndpointReference>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
+      </EndpointReference>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
+      </EndpointReference>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/ls/</Address>
+      </EndpointReference>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>http://adfs.tad.hv.se/adfs/services/trust</Address>
+      </EndpointReference>
+    </fed:TargetScopes>
+    <fed:ApplicationServiceEndpoint>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+      </EndpointReference>
+    </fed:ApplicationServiceEndpoint>
+    <fed:PassiveRequestorEndpoint>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/ls/</Address>
+      </EndpointReference>
+    </fed:PassiveRequestorEndpoint>
+  </RoleDescriptor>
+  <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceDisplayName="University West" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType">
+    <KeyDescriptor use="signing">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>MIIC2DCCAcCgAwIBAgIQdJ+qhazgjLJDd3jeh9VkpzANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzQ5NDhaFw0yMDEyMDIxMzQ5NDhaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR12vhcEsB93mg6pgwyQxGhZqpS8aEcCzOQwXOApH28y6RlT0qE/mowxX0fOpdBYblbxOurih4vtwx1NTe5CrXsUrpzkHP/hsOAmMGrpC0N5ybOEUegJ/Hk6wTmt7wA7nSfcsMvTUsXQZvKA+xFhCA7AjSMpF8Vv7BeU2O1IZDELU4U7P5iBls1YuMsgdFJ2Eu5LHILhfGaqSi9xkL7loYYwH3iU8MZ52CbOJLEl9uG99E3njSPq3CJ4tWZj1OkBLYf3gBBgvW3tOyYrAJWq5d1LyAh05+PNQQAKTPKHaaV9iAtUgys6M1v5XCUi1rv0nCBwl0iNQuFIiXsegaG4UQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBratRK3aI/quHmQ5fEMOaySihHaQId/26Jq4RQH0yOOhzjsQ9DSGCwwYZOefgi5G7SzQw1m6PJ7WecqT9gRPPT+IPt+KO+dnWQUNgedOZzM5Z0HXSdIUX0h5pxxTbHqExqkj9CZzKHFbiQvZBld7VcJsZW9PB7bM8lg+NAeoGBNdJACx33M59jVa+vPd2pVT5STufgIHkLkDGCqedBEQMFmyAhidVHlJO2cgieqmTjCDiO38ZYdXbwarsYrs6uxmdqUMdRwT4IVkpgyqyeQh/tN+w3QolWu4PX1s76GSYLUKasyK6YZXZDBGlFZDbb0padi0Vasmmg+VvMhuKmRtIP</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </KeyDescriptor>
+    <fed:TokenTypesOffered>
+      <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
+      <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
+    </fed:TokenTypesOffered>
+    <fed:ClaimTypesOffered>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
+        <auth:DisplayName>E-Mail Address</auth:DisplayName>
+        <auth:Description>The e-mail address of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
+        <auth:DisplayName>Given Name</auth:DisplayName>
+        <auth:Description>The given name of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
+        <auth:DisplayName>Name</auth:DisplayName>
+        <auth:Description>The unique name of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn">
+        <auth:DisplayName>UPN</auth:DisplayName>
+        <auth:Description>The user principal name (UPN) of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/CommonName">
+        <auth:DisplayName>Common Name</auth:DisplayName>
+        <auth:Description>The common name of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/EmailAddress">
+        <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+        <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/Group">
+        <auth:DisplayName>Group</auth:DisplayName>
+        <auth:Description>A group that the user is a member of</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/claims/UPN">
+        <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+        <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
+        <auth:DisplayName>Role</auth:DisplayName>
+        <auth:Description>A role that the user has</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
+        <auth:DisplayName>Surname</auth:DisplayName>
+        <auth:Description>The surname of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier">
+        <auth:DisplayName>PPID</auth:DisplayName>
+        <auth:Description>The private identifier of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">
+        <auth:DisplayName>Name ID</auth:DisplayName>
+        <auth:Description>The SAML name identifier of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant">
+        <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+        <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod">
+        <auth:DisplayName>Authentication method</auth:DisplayName>
+        <auth:Description>The method used to authenticate the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid">
+        <auth:DisplayName>Deny only group SID</auth:DisplayName>
+        <auth:Description>The deny-only group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid">
+        <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+        <auth:Description>The deny-only primary SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid">
+        <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+        <auth:Description>The deny-only primary group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid">
+        <auth:DisplayName>Group SID</auth:DisplayName>
+        <auth:Description>The group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid">
+        <auth:DisplayName>Primary group SID</auth:DisplayName>
+        <auth:Description>The primary group SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid">
+        <auth:DisplayName>Primary SID</auth:DisplayName>
+        <auth:Description>The primary SID of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname">
+        <auth:DisplayName>Windows account name</auth:DisplayName>
+        <auth:Description>The domain account name of the user in the form of domain\user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser">
+        <auth:DisplayName>Is Registered User</auth:DisplayName>
+        <auth:Description>User is registered to use this device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier">
+        <auth:DisplayName>Device Identifier</auth:DisplayName>
+        <auth:Description>Identifier of the device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid">
+        <auth:DisplayName>Device Registration Identifier</auth:DisplayName>
+        <auth:Description>Identifier for Device Registration</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname">
+        <auth:DisplayName>Device Registration DisplayName</auth:DisplayName>
+        <auth:Description>Display name of Device Registration</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype">
+        <auth:DisplayName>Device OS type</auth:DisplayName>
+        <auth:Description>OS type of the device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion">
+        <auth:DisplayName>Device OS Version</auth:DisplayName>
+        <auth:Description>OS version of the device</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged">
+        <auth:DisplayName>Is Managed Device</auth:DisplayName>
+        <auth:Description>Device is managed by a management service</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip">
+        <auth:DisplayName>Forwarded Client IP</auth:DisplayName>
+        <auth:Description>IP address of the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application">
+        <auth:DisplayName>Client Application</auth:DisplayName>
+        <auth:Description>Type of the Client Application</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent">
+        <auth:DisplayName>Client User Agent</auth:DisplayName>
+        <auth:Description>Device type the client is using to access the application</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip">
+        <auth:DisplayName>Client IP</auth:DisplayName>
+        <auth:Description>IP address of the client</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path">
+        <auth:DisplayName>Endpoint Path</auth:DisplayName>
+        <auth:Description>Absolute Endpoint path which can be used to determine active versus passive clients</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy">
+        <auth:DisplayName>Proxy</auth:DisplayName>
+        <auth:Description>DNS name of the federation server proxy that passed the request</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid">
+        <auth:DisplayName>Application Identifier</auth:DisplayName>
+        <auth:Description>Identifier for the Relying Party</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy">
+        <auth:DisplayName>Application policies</auth:DisplayName>
+        <auth:Description>Application policies of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier">
+        <auth:DisplayName>Authority Key Identifier</auth:DisplayName>
+        <auth:Description>The Authority Key Identifier extension of the certificate that signed an issued certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints">
+        <auth:DisplayName>Basic Constraint</auth:DisplayName>
+        <auth:Description>One of the basic constraints of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku">
+        <auth:DisplayName>Enhanced Key Usage</auth:DisplayName>
+        <auth:Description>Describes one of the enhanced key usages of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer">
+        <auth:DisplayName>Issuer</auth:DisplayName>
+        <auth:Description>The name of the certificate authority that issued the X.509 certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername">
+        <auth:DisplayName>Issuer Name</auth:DisplayName>
+        <auth:Description>The distinguished name of the certificate issuer</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage">
+        <auth:DisplayName>Key Usage</auth:DisplayName>
+        <auth:Description>One of the key usages of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter">
+        <auth:DisplayName>Not After</auth:DisplayName>
+        <auth:Description>Date in local time after which a certificate is no longer valid</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore">
+        <auth:DisplayName>Not Before</auth:DisplayName>
+        <auth:Description>The date in local time on which a certificate becomes valid</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy">
+        <auth:DisplayName>Certificate Policies</auth:DisplayName>
+        <auth:Description>The policies under which the certificate has been issued</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa">
+        <auth:DisplayName>Public Key</auth:DisplayName>
+        <auth:Description>Public Key of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata">
+        <auth:DisplayName>Certificate Raw Data</auth:DisplayName>
+        <auth:Description>The raw data of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san">
+        <auth:DisplayName>Subject Alternative Name</auth:DisplayName>
+        <auth:Description>One of the alternative names of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber">
+        <auth:DisplayName>Serial Number</auth:DisplayName>
+        <auth:Description>The serial number of a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm">
+        <auth:DisplayName>Signature Algorithm</auth:DisplayName>
+        <auth:Description>The algorithm used to create the signature of a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject">
+        <auth:DisplayName>Subject</auth:DisplayName>
+        <auth:Description>The subject from the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier">
+        <auth:DisplayName>Subject Key Identifier</auth:DisplayName>
+        <auth:Description>Describes the subject key identifier of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
+        <auth:DisplayName>Subject Name</auth:DisplayName>
+        <auth:Description>The subject distinguished name from a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation">
+        <auth:DisplayName>V2 Template Name</auth:DisplayName>
+        <auth:Description>The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename">
+        <auth:DisplayName>V1 Template Name</auth:DisplayName>
+        <auth:Description>The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint">
+        <auth:DisplayName>Thumbprint</auth:DisplayName>
+        <auth:Description>Thumbprint of the certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version">
+        <auth:DisplayName>X.509 Version</auth:DisplayName>
+        <auth:Description>The X.509 format version of a certificate</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork">
+        <auth:DisplayName>Inside Corporate Network</auth:DisplayName>
+        <auth:Description>Used to indicate if a request originated inside corporate network</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime">
+        <auth:DisplayName>Password Expiration Time</auth:DisplayName>
+        <auth:Description>Used to display the time when the password expires</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays">
+        <auth:DisplayName>Password Expiration Days</auth:DisplayName>
+        <auth:Description>Used to display the number of days to password expiry</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl">
+        <auth:DisplayName>Update Password URL</auth:DisplayName>
+        <auth:Description>Used to display the web address of update password service</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/claims/authnmethodsreferences">
+        <auth:DisplayName>Authentication Methods References</auth:DisplayName>
+        <auth:Description>Used to indicate all authentication methods used to authenticate the user</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id">
+        <auth:DisplayName>Client Request ID</auth:DisplayName>
+        <auth:Description>Identifier for a user session</auth:Description>
+      </auth:ClaimType>
+      <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Optional="true" Uri="http://schemas.microsoft.com/ws/2013/11/alternateloginid">
+        <auth:DisplayName>Alternate Login ID</auth:DisplayName>
+        <auth:Description>Alternate login ID of the user</auth:Description>
+      </auth:ClaimType>
+    </fed:ClaimTypesOffered>
+    <fed:SecurityTokenServiceEndpoint>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/services/trust/2005/certificatemixed</Address>
+        <Metadata>
+          <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+            <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
+              <wsx:MetadataReference>
+                <Address xmlns="http://www.w3.org/2005/08/addressing">https://adfs.tad.hv.se/adfs/services/trust/mex</Address>
+              </wsx:MetadataReference>
+            </wsx:MetadataSection>
+          </Metadata>
+        </Metadata>
+      </EndpointReference>
+    </fed:SecurityTokenServiceEndpoint>
+    <fed:PassiveRequestorEndpoint>
+      <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+        <Address>https://adfs.tad.hv.se/adfs/ls/</Address>
+      </EndpointReference>
+    </fed:PassiveRequestorEndpoint>
+  </RoleDescriptor>
+  <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <KeyDescriptor use="encryption">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>MIIC3jCCAcagAwIBAgIQJUPVHNhj+JtCSmkUzj+l+TANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzUwMDNaFw0yMDEyMDIxMzUwMDNaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseBegVuR4rWwDh+u/358+9uUCp3D4ByUTlu8pAXGkwjMmgid/VnWoWbezvTMD4j7v/lRFP+HbotD4WNNvHjtIJ1klI07GqINL+Sh+muuPVmARumB4yISRJyCrAg0Y9BUP4U10uTK4pUciqtOy3WWOGmcnNH3oeMz9mkyzbn+l30aKFgubeCZk5ni7VRCWTW7pHs+n4laMYBgBWIOUamgfn1jbpi8j4MUA3Vt/Z3IW5UPp8tXuCM3cw5peQydvw0NYynk+lAhNyWupPQ/ckGS33AZZor3eYMnqgrz/h5QpMstpkpb5LGGoXlbS5CezjVqlRdLw/fuiW8IL0uj15hU6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAxz/0OiyG4GIHQjflw8fIXeZ6ciuKEC1gEwA4dyFnxNv/+F7hKD8l1aQwVVrYIjzUw1QjwlDsqXwEcxzFAE4xjcO7Luf0HpD3eR0edM4iDmR4yQPro0c7iguueaUWwpAL4Wxop+FsY8YLoz31qynXCQhZiEm45mwt73AzjW58rIyvLv52BgS5W1rw+3n4yjjxGXcNTcjXqTXNKKjGj/Q421hhTdqqlNQXNILZaeXi/qnI+8NE4Bfxo2NVMFUGN44CrcGqMXmgkpvmenwCCJ3uMiX1FLcfRiR49RcrtvnpcLh7z8u2ixbPDBzeXMv4qJddc4W6My6+nfSmtv3jYgijK</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="signing">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>MIIC2DCCAcCgAwIBAgIQdJ+qhazgjLJDd3jeh9VkpzANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzQ5NDhaFw0yMDEyMDIxMzQ5NDhaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR12vhcEsB93mg6pgwyQxGhZqpS8aEcCzOQwXOApH28y6RlT0qE/mowxX0fOpdBYblbxOurih4vtwx1NTe5CrXsUrpzkHP/hsOAmMGrpC0N5ybOEUegJ/Hk6wTmt7wA7nSfcsMvTUsXQZvKA+xFhCA7AjSMpF8Vv7BeU2O1IZDELU4U7P5iBls1YuMsgdFJ2Eu5LHILhfGaqSi9xkL7loYYwH3iU8MZ52CbOJLEl9uG99E3njSPq3CJ4tWZj1OkBLYf3gBBgvW3tOyYrAJWq5d1LyAh05+PNQQAKTPKHaaV9iAtUgys6M1v5XCUi1rv0nCBwl0iNQuFIiXsegaG4UQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBratRK3aI/quHmQ5fEMOaySihHaQId/26Jq4RQH0yOOhzjsQ9DSGCwwYZOefgi5G7SzQw1m6PJ7WecqT9gRPPT+IPt+KO+dnWQUNgedOZzM5Z0HXSdIUX0h5pxxTbHqExqkj9CZzKHFbiQvZBld7VcJsZW9PB7bM8lg+NAeoGBNdJACx33M59jVa+vPd2pVT5STufgIHkLkDGCqedBEQMFmyAhidVHlJO2cgieqmTjCDiO38ZYdXbwarsYrs6uxmdqUMdRwT4IVkpgyqyeQh/tN+w3QolWu4PX1s76GSYLUKasyK6YZXZDBGlFZDbb0padi0Vasmmg+VvMhuKmRtIP</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </KeyDescriptor>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/>
+    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/" index="0" isDefault="true"/>
+    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://adfs.tad.hv.se/adfs/ls/" index="1"/>
+    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/" index="2"/>
+  </SPSSODescriptor>
+  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <Extensions>
+      <shibmd:Scope regexp="false">contoso.com</shibmd:Scope>
+    </Extensions>
+    <KeyDescriptor use="encryption">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>MIIC3jCCAcagAwIBAgIQJUPVHNhj+JtCSmkUzj+l+TANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIEVuY3J5cHRpb24gLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzUwMDNaFw0yMDEyMDIxMzUwMDNaMCsxKTAnBgNVBAMTIEFERlMgRW5jcnlwdGlvbiAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseBegVuR4rWwDh+u/358+9uUCp3D4ByUTlu8pAXGkwjMmgid/VnWoWbezvTMD4j7v/lRFP+HbotD4WNNvHjtIJ1klI07GqINL+Sh+muuPVmARumB4yISRJyCrAg0Y9BUP4U10uTK4pUciqtOy3WWOGmcnNH3oeMz9mkyzbn+l30aKFgubeCZk5ni7VRCWTW7pHs+n4laMYBgBWIOUamgfn1jbpi8j4MUA3Vt/Z3IW5UPp8tXuCM3cw5peQydvw0NYynk+lAhNyWupPQ/ckGS33AZZor3eYMnqgrz/h5QpMstpkpb5LGGoXlbS5CezjVqlRdLw/fuiW8IL0uj15hU6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAxz/0OiyG4GIHQjflw8fIXeZ6ciuKEC1gEwA4dyFnxNv/+F7hKD8l1aQwVVrYIjzUw1QjwlDsqXwEcxzFAE4xjcO7Luf0HpD3eR0edM4iDmR4yQPro0c7iguueaUWwpAL4Wxop+FsY8YLoz31qynXCQhZiEm45mwt73AzjW58rIyvLv52BgS5W1rw+3n4yjjxGXcNTcjXqTXNKKjGj/Q421hhTdqqlNQXNILZaeXi/qnI+8NE4Bfxo2NVMFUGN44CrcGqMXmgkpvmenwCCJ3uMiX1FLcfRiR49RcrtvnpcLh7z8u2ixbPDBzeXMv4qJddc4W6My6+nfSmtv3jYgijK</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="signing">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>MIIC2DCCAcCgAwIBAgIQdJ+qhazgjLJDd3jeh9VkpzANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIFNpZ25pbmcgLSBhZGZzLnRhZC5odi5zZTAeFw0xNTEyMDIxMzQ5NDhaFw0yMDEyMDIxMzQ5NDhaMCgxJjAkBgNVBAMTHUFERlMgU2lnbmluZyAtIGFkZnMudGFkLmh2LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR12vhcEsB93mg6pgwyQxGhZqpS8aEcCzOQwXOApH28y6RlT0qE/mowxX0fOpdBYblbxOurih4vtwx1NTe5CrXsUrpzkHP/hsOAmMGrpC0N5ybOEUegJ/Hk6wTmt7wA7nSfcsMvTUsXQZvKA+xFhCA7AjSMpF8Vv7BeU2O1IZDELU4U7P5iBls1YuMsgdFJ2Eu5LHILhfGaqSi9xkL7loYYwH3iU8MZ52CbOJLEl9uG99E3njSPq3CJ4tWZj1OkBLYf3gBBgvW3tOyYrAJWq5d1LyAh05+PNQQAKTPKHaaV9iAtUgys6M1v5XCUi1rv0nCBwl0iNQuFIiXsegaG4UQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBratRK3aI/quHmQ5fEMOaySihHaQId/26Jq4RQH0yOOhzjsQ9DSGCwwYZOefgi5G7SzQw1m6PJ7WecqT9gRPPT+IPt+KO+dnWQUNgedOZzM5Z0HXSdIUX0h5pxxTbHqExqkj9CZzKHFbiQvZBld7VcJsZW9PB7bM8lg+NAeoGBNdJACx33M59jVa+vPd2pVT5STufgIHkLkDGCqedBEQMFmyAhidVHlJO2cgieqmTjCDiO38ZYdXbwarsYrs6uxmdqUMdRwT4IVkpgyqyeQh/tN+w3QolWu4PX1s76GSYLUKasyK6YZXZDBGlFZDbb0padi0Vasmmg+VvMhuKmRtIP</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </KeyDescriptor>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/>
+    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://adfs.tad.hv.se/adfs/ls/"/>
+    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://adfs.tad.hv.se/adfs/ls/"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="E-Mail Address" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Given Name" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Name" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="UPN" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Common Name" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="AD FS 1.x E-Mail Address" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Group" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="AD FS 1.x UPN" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Role" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Surname" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PPID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Name ID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication time stamp" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication method" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only group SID" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only primary SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Deny only primary group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Primary group SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Primary SID" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Windows account name" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Is Registered User" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Identifier" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Registration Identifier" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device Registration DisplayName" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device OS type" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Device OS Version" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Is Managed Device" Name="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Forwarded Client IP" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client Application" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client User Agent" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client IP" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Endpoint Path" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Proxy" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Application Identifier" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Application policies" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authority Key Identifier" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Basic Constraint" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Enhanced Key Usage" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Issuer" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Issuer Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Key Usage" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Not After" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Not Before" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Certificate Policies" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Public Key" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Certificate Raw Data" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Alternative Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Serial Number" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Signature Algorithm" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Key Identifier" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Subject Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="V2 Template Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="V1 Template Name" Name="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Thumbprint" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="X.509 Version" Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Inside Corporate Network" Name="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Password Expiration Time" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Password Expiration Days" Name="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Update Password URL" Name="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Authentication Methods References" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Client Request ID" Name="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="Alternate Login ID" Name="http://schemas.microsoft.com/ws/2013/11/alternateloginid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+  </IDPSSODescriptor>
+  <ContactPerson contactType="technical">
+    <GivenName>Pär</GivenName>
+    <SurName>Lauridsen</SurName>
+    <EmailAddress>mailto:par.lauridsen@hv.se</EmailAddress>
+  </ContactPerson>
+</EntityDescriptor>
diff --git a/swamid-testing-idp-1.0.mxml b/swamid-testing-idp-1.0.mxml
index 6b167bd0..6fa58738 100644
--- a/swamid-testing-idp-1.0.mxml
+++ b/swamid-testing-idp-1.0.mxml
@@ -58,4 +58,5 @@
   <xi:include href="swamid-2.0/idp.test.antagning.se-aws-idp.xml"/>
   <xi:include href="swamid-2.0/idp.hv.se-idp-shibboleth.xml"/>
   <xi:include href="swamid-2.0/fs.test.ad.liu.se-adfs-services-trust.xml"/>
+  <xi:include href="swamid-2.0/adfs.tad.hv.se-adfs-services-trust.xml"/>
 </EntitiesDescriptor>
-- 
cgit v1.2.3


From 388f54f074d34f0fa6684d4845b23c6198496dd7 Mon Sep 17 00:00:00 2001
From: Fredrik Domeij <fredrik.domeij@umu.se>
Date: Mon, 11 Sep 2017 18:07:45 +0200
Subject: RT198: updated metadata for Ladok2 utb2

---
 swamid-2.0/student.utb2.ladok.se-student-sp.xml | 48 +++++++++++++------------
 swamid-2.0/www.utb2.ladok.se-gui-sp.xml         | 43 +++++++++++-----------
 2 files changed, 48 insertions(+), 43 deletions(-)

diff --git a/swamid-2.0/student.utb2.ladok.se-student-sp.xml b/swamid-2.0/student.utb2.ladok.se-student-sp.xml
index 2cb3f99f..21164139 100644
--- a/swamid-2.0/student.utb2.ladok.se-student-sp.xml
+++ b/swamid-2.0/student.utb2.ladok.se-student-sp.xml
@@ -30,12 +30,14 @@
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://student.utb2.ladok.se/Shibboleth.sso/Login"/>
       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://student.utb2.ladok.se/Shibboleth.sso/Login" index="1"/>
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-        <mdui:DisplayName xml:lang="sv">Ladok student.utb2.ladok.se</mdui:DisplayName>
-        <mdui:DisplayName xml:lang="en">Ladok student.utb2.ladok.se</mdui:DisplayName>
-        <mdui:InformationURL xml:lang="sv">https://www.ladok.se/</mdui:InformationURL>
+        <mdui:DisplayName xml:lang="sv">Ladok studentgränssnitt student.utb2.ladok.se</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">Ladok student web student.utb2.ladok.se</mdui:DisplayName>
         <mdui:Description xml:lang="sv">Studieadministrativt systemstöd för universitet och högskolor i Sverige (Ladok)</mdui:Description>
         <mdui:Description xml:lang="en">Administration system for higher education in Sweden (Ladok)</mdui:Description>
-        <mdui:Logo height="64" width="64">https://student.utb2.ladok.se/branded/HSK/logo.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" width="96" height="98">https://student.utb2.ladok.se/logo/ladok_sv.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" width="96" height="98">https://student.utb2.ladok.se/logo/ladok_en.png</mdui:Logo>
+        <mdui:InformationURL xml:lang="sv">http://www.ladok.se/</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="en">http://www.ladok.se/</mdui:InformationURL>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
@@ -44,25 +46,7 @@
         <ds:KeyName>student.utb2.ladok.se</ds:KeyName>
         <ds:X509Data>
           <ds:X509SubjectName>CN=student.utb2.ladok.se</ds:X509SubjectName>
-          <ds:X509Certificate>MIIDMDCCAhigAwIBAgIJAPStLfWtHv8eMA0GCSqGSIb3DQEBCwUAMCAxHjAcBgNV
-BAMTFXN0dWRlbnQudXRiMi5sYWRvay5zZTAeFw0xNzAzMTMxMTE2MjRaFw0yNzAz
-MTExMTE2MjRaMCAxHjAcBgNVBAMTFXN0dWRlbnQudXRiMi5sYWRvay5zZTCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOHMrGo61ebP4mT48B02x/WdSwpm
-qG0RDGdcPx01jqNRph3bQj2PbWGpFBt2mRJALZCCbf9sIhGiaXWYROJxn54mWIkj
-eQv5rgzjhj/FcCxiVm3Er8Dq6tv3vjZwcuH5q9/SxGGRQO6bo5igNebqEgAeoXFl
-FFVO2apZP5qE4BZ8Fb+8mZbpsVnqEfe0AXCT4Lsd22zoN7P43HslWWYeli5dcg11
-/AK3Rde+SSD4nfhYJZw3XrWdOV1cquG0BdCd/JKH0oVb08yZPs06XELuLYFAjkYK
-hWDRBV0YSZHpO9HFozBymBZKi7BTMrsTSoi1dv6m72pB4eUaBDbv5/lWyHECAwEA
-AaNtMGswSgYDVR0RBEMwQYIVc3R1ZGVudC51dGIyLmxhZG9rLnNlhihodHRwczov
-L3N0dWRlbnQudXRiMi5sYWRvay5zZS9zdHVkZW50LXNwMB0GA1UdDgQWBBSKmgbx
-JDLd0/W1fs93U05dmzalRzANBgkqhkiG9w0BAQsFAAOCAQEAZlLv1eyFfQita2n/
-OlbHh5WR24EQos4lJd+g1pznm0M7KqfI2p+18HxDoC5P/S3mpV1EANdU2NGd2foS
-pbcQ8aoBTg6nFa/kHqObUkdneozEMMAGt+jecsFaR0oWmsBpp/yMViRrYEmFF+sv
-eoKnMsOtpdd/SmKBaexq2hNpGZXDylBzsd4i4N9EYaq1rbPTinFoLbQQL5D0/FTM
-bEpwFk9wqlwDyoODf67DB0n+oEyluHhfi7sKzEupjsGnmsZYGMTlCxOtUW+cwTY1
-4xqevJh6KPmpUjpRCWRMEIkCUEwfNB/D23IkXYoYpr3cy2VFPL9rAKHPANAyOH6j
-EkBQkA==
-</ds:X509Certificate>
+          <ds:X509Certificate>MIIDMDCCAhigAwIBAgIJAKAR9zTEEIJvMA0GCSqGSIb3DQEBCwUAMCAxHjAcBgNVBAMTFXN0dWRlbnQudXRiMi5sYWRvay5zZTAeFw0xNzA5MTEwODQ1MDdaFw0yNzA5MDkwODQ1MDdaMCAxHjAcBgNVBAMTFXN0dWRlbnQudXRiMi5sYWRvay5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrVHWfo2d1CKpW1zEeWKC3MQnnHzlSfOW0NcsnAvGY44wU2sCuP2OxtJcVO8fXLt88DSTakvRPca4ipwW+8phNUa3KMDz5fcIWI557t+VvbuaHfc6BbaP4tLBGoOIGEQ9bdE6rhHKpP5UXOgwW1bRRPAyWSwn9vw7GI0PHpsYNibQa4mHvHIitCffHQTyz+jgD1Z7sxNIjkCVrojkfG2HYHMg+LFSnGh+K6C61PBmr7N0mJwQATJhNasXvAaj730UU26xFPJaRwtTiRtMnZ0Lf1rg99R0Nd82XnoopAVgTgL51dW1+cy4yHyfzeXei7gHWKRVJ+5EbUzWpfuoyyp2UCAwEAAaNtMGswSgYDVR0RBEMwQYIVc3R1ZGVudC51dGIyLmxhZG9rLnNlhihodHRwczovL3N0dWRlbnQudXRiMi5sYWRvay5zZS9zdHVkZW50LXNwMB0GA1UdDgQWBBS9YsQVdfuPYd2qyk05NsezqmfvHzANBgkqhkiG9w0BAQsFAAOCAQEACCnlmV7HyuaQ2k0vq0bgxd2vHiYF3MS660aJnAyQIY07Kh5FqQR2NdJkOOYQYrw1Adaa/2fFw2fUi86UcSswKWimleloMHx4Nwjit48cR4c6f3SSFJHNVI71IasSMv/ImRb4tN1cV1aNm+wYIfA1hikjYs/qnbz6KM17oxiAzNWwa8hy+WR/9/Yek3QXucRx4e0U/cM02xOlzko8OvdyW8Iko5PTNbGArY43y5V9pMwAH76HDNHVMCzLmMbIoYr0tFAbzicEFcjf/z0Kryklsd9alzCa6pWEtHDj2XozzaV0vZO1Ka5UGZn2OuKFPzglavkUk6/AkmFFYYkW1uxd7g==</ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
       <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
@@ -90,4 +74,22 @@ EkBQkA==
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://student.utb2.ladok.se/Shibboleth.sso/SAML/POST" index="5"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://student.utb2.ladok.se/Shibboleth.sso/SAML/Artifact" index="6"/>
   </md:SPSSODescriptor>
+  <md:ContactPerson contactType="administrative">
+    <md:Company>ITS, Umeå universitet</md:Company>
+    <md:SurName>Simon Johansson</md:SurName>
+    <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+    <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="technical">
+    <md:Company>ITS, Umeå universitet</md:Company>
+    <md:SurName>Simon Johansson</md:SurName>
+    <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+    <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="support">
+    <md:Company>ITS, Umeå universitet</md:Company>
+    <md:SurName>Ladok-supporten</md:SurName>
+    <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+    <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+  </md:ContactPerson>
 </md:EntityDescriptor>
diff --git a/swamid-2.0/www.utb2.ladok.se-gui-sp.xml b/swamid-2.0/www.utb2.ladok.se-gui-sp.xml
index fdec7332..4ad85b88 100644
--- a/swamid-2.0/www.utb2.ladok.se-gui-sp.xml
+++ b/swamid-2.0/www.utb2.ladok.se-gui-sp.xml
@@ -31,10 +31,12 @@
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
         <mdui:DisplayName xml:lang="sv">Ladok www.utb2.ladok.se</mdui:DisplayName>
         <mdui:DisplayName xml:lang="en">Ladok www.utb2.ladok.se</mdui:DisplayName>
-        <mdui:InformationURL xml:lang="sv">https://www.ladok.se/</mdui:InformationURL>
         <mdui:Description xml:lang="sv">Studieadministrativt systemstöd för universitet och högskolor i Sverige (Ladok)</mdui:Description>
         <mdui:Description xml:lang="en">Administration system for higher education in Sweden (Ladok)</mdui:Description>
-        <mdui:Logo height="64" width="64">https://www.utb2.ladok.se/branded/HSK/logo.png</mdui:Logo>
+        <mdui:Logo xml:lang="sv" width="96" height="98">https://www.utb2.ladok.se/logo/ladok_sv.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" width="96" height="98">https://www.utb2.ladok.se/logo/ladok_en.png</mdui:Logo>
+        <mdui:InformationURL xml:lang="sv">http://www.ladok.se/</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="en">http://www.ladok.se/</mdui:InformationURL>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
@@ -43,24 +45,7 @@
         <ds:KeyName>www.utb2.ladok.se</ds:KeyName>
         <ds:X509Data>
           <ds:X509SubjectName>CN=www.utb2.ladok.se</ds:X509SubjectName>
-          <ds:X509Certificate>MIIDHDCCAgSgAwIBAgIJAIf7iqkGRjAYMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV
-BAMTEXd3dy51dGIyLmxhZG9rLnNlMB4XDTE3MDMxMzA5NTk1OVoXDTI3MDMxMTA5
-NTk1OVowHDEaMBgGA1UEAxMRd3d3LnV0YjIubGFkb2suc2UwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDMMRaelknlKLqzo0ieyuezfWszMG34yEsWGx/i
-ELokGpYrxuPM7amP+E5V2DbsmWgBTJFD+zkV3es2EQPt5CVD9Lt1JRD/Fnyax3aP
-83VURF+joV3J+fp1VSfEcvE5lZkUncan8Vdj/xs2pLJUP3MtN7VbLSwjDJvYpyp6
-+hJxtldh6xJ3NcA6+XyY/ZAHHbK0GG/u1mMjUk28E5aZv3U4Lwb3h77rGZrGP3r8
-5KyI3VYexjbwkklfepFS2iFx6rGHs64Kq9Z0/7SlnYRIEF0A8GPxrmYYMYKM0QOs
-7zG9X0nHMNdEOpo2QZberJs7xbs4XKgOgf4iKMpjn/4qKeLbAgMBAAGjYTBfMD4G
-A1UdEQQ3MDWCEXd3dy51dGIyLmxhZG9rLnNlhiBodHRwczovL3d3dy51dGIyLmxh
-ZG9rLnNlL2d1aS1zcDAdBgNVHQ4EFgQUv6vJR6glRnsS32nclhRryJOAN94wDQYJ
-KoZIhvcNAQELBQADggEBAAL5pkqnkYJeezBb8Agmp8uHSMd+8laNbhv0fvUhGznV
-y+PgROw7HZ15oMZ0vXZlHpeRWpDJ39D0mjgmZDVG2TqoQQh5NVTjsEfFMeRybDPw
-ejvY8pFEBFxejqpizIYFGELUG1K+K0QRIOWY0rBojWP0uceRJqMW7DQQMTRBkDKG
-f21oSOpTDq5Qsynm3dRESp+ur5gBnONn0ayIuVehypt80sXLpF3QOCf/8cgTlKTA
-J2SulBZ/GU8WpyiZFlc7c2Ngw+yFfpOR5+6ez5jApKvwQ2vVm23BIdJw0KFq6Aln
-soJZI3B7GaeKhEWM6sEi+O9NIG7neyjJMWpXT0xQxec=
-</ds:X509Certificate>
+          <ds:X509Certificate>MIIDHDCCAgSgAwIBAgIJAPbas4xUoylGMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNVBAMTEXd3dy51dGIyLmxhZG9rLnNlMB4XDTE3MDkxMTA4MzQyOVoXDTI3MDkwOTA4MzQyOVowHDEaMBgGA1UEAxMRd3d3LnV0YjIubGFkb2suc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFXKWe12Tgp7gaml8ig7fJ6fpclWYzBkbicnfzjWdRJjsjAz+Gsah1fAfHngB7fOyanxh/LqOw/nTZ2dOojIH9+aSkObDY0dnmZtMIL7FZBr119VXqKCAvdm+mv0OgMY0tDaqtcTzBCLUSpEndkq7qqfkZJrH9lL39bl2y56GBOsPp5cD2J7f2s3SdZKcqslODLfplKjU0mWy2gSGZEp3Ug8U8ARZLpA8NFGTqAk4LhhvRVJdWjVOuQ6d2KnvSiG64Hnm4hLoXCXMKRJPtuHbrw5oC1EHrUTpca/t03bK/BL8W9P6hGy2isV0dckmi5s2LBF1HkYKjEJwLq0WuvMXBAgMBAAGjYTBfMD4GA1UdEQQ3MDWCEXd3dy51dGIyLmxhZG9rLnNlhiBodHRwczovL3d3dy51dGIyLmxhZG9rLnNlL2d1aS1zcDAdBgNVHQ4EFgQUj0BdzK5wRDsho7wGPzs1fgYOZp4wDQYJKoZIhvcNAQELBQADggEBADD6kIPqxgY7pwcr8ODZjxmb98pFXxk/oDt/hz9N+gUsbI1/kMHpJj18wijMszh4Wrnt/0D17mJxIcvmHl2KMpVgqor+sSKKU9OlC9ArtlquEaBk0Oppqn0VK5HJRDQehV+YfszbUClKXwFGJ2EBFtBq5xPCr2CoggvS7jAcmOzgk2/XTygdoNW1vc7hxZ6Rj2rjBM8gR7vLGW83HxQ0epGC/n28OAUPURU7g8TiXqMgOyhKM4iJqF2wU/d8oQ9QVnH0vETud43Uk66EobTGrFnKhdi/xp3mx8wDr0aJf5u2RXtmeH7cjxJnonRzkZR+mp6Ydij9ELcpHgQWNgRK3T0=</ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
       <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
@@ -88,4 +73,22 @@ soJZI3B7GaeKhEWM6sEi+O9NIG7neyjJMWpXT0xQxec=
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.utb2.ladok.se/Shibboleth.sso/SAML/POST" index="5"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.utb2.ladok.se/Shibboleth.sso/SAML/Artifact" index="6"/>
   </md:SPSSODescriptor>
+  <md:ContactPerson contactType="administrative">
+    <md:Company>ITS, Umeå universitet</md:Company>
+    <md:SurName>Simon Johansson</md:SurName>
+    <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+    <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="technical">
+    <md:Company>ITS, Umeå universitet</md:Company>
+    <md:SurName>Simon Johansson</md:SurName>
+    <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+    <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="support">
+    <md:Company>ITS, Umeå universitet</md:Company>
+    <md:SurName>Ladok-supporten</md:SurName>
+    <md:EmailAddress>ladoksupport@its.umu.se</md:EmailAddress>
+    <md:TelephoneNumber>46907866600</md:TelephoneNumber>
+  </md:ContactPerson>
 </md:EntityDescriptor>
-- 
cgit v1.2.3


From 0c7ef29b28609ad55986e89e521b10b1952530ea Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Tue, 12 Sep 2017 15:42:11 +0200
Subject: Add test server KAU tentaadministration

---
 swamid-2.0/almagest.sai.kau.se.xml | 84 ++++++++++++++++++++++++++++++++++++++
 swamid-sp-2.0.mxml                 |  1 +
 2 files changed, 85 insertions(+)
 create mode 100644 swamid-2.0/almagest.sai.kau.se.xml

diff --git a/swamid-2.0/almagest.sai.kau.se.xml b/swamid-2.0/almagest.sai.kau.se.xml
new file mode 100644
index 00000000..5e9ca9da
--- /dev/null
+++ b/swamid-2.0/almagest.sai.kau.se.xml
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://almagest.sai.kau.se">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://almagest.sai.kau.se/Shibboleth.sso/logmein"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">Ladok 3 Tentamensadministration (test)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">Ladok 3 Exam administration (test)</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">Testserver för KAU tentaadministration</mdui:Description>
+        <mdui:Description xml:lang="en">Test server for KAU exam administration</mdui:Description>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>almagest.sai.kau.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=almagest.sai.kau.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEADCCAmigAwIBAgIJAIJw80ekmnweMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV
+BAMTE2FsbWFnZXN0LnNhaS5rYXUuc2UwHhcNMTcwOTEyMTI0ODI1WhcNMjcwOTEw
+MTI0ODI1WjAeMRwwGgYDVQQDExNhbG1hZ2VzdC5zYWkua2F1LnNlMIIBojANBgkq
+hkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA6pCbvO0v3y17dBIVDBXr80mJoeSyaEL5
+hD7RF5Awz1R7qveTWq47BPK5xEf/M5UgpvlA8LBif9+0LlXaU2H5+UPZ1R3PY0nj
+lOhDPBxJotvDaIk669OCVCbCE9q8KPunsqW17BojbXlGEsmiMvcAMToqsqwBnR5R
++UnCFnERTBkbhsAaoz9QfI7+ogKGLXfIyAaR5r+KmKtCJT3edA79mLfEjf4TE3N2
+Xv5ZChPpPYdMQtY6k+zXeyPhT6jJXrze9cUgP+jAbd1hsfOweIFdpLqwHuwrg++Q
+z0QuTVMyzzZHXiLMyW/dlv1QPVXYo/4TzZQYx0C+Uj1O6gTiDdu0PAKlKazLnk5D
+fS843VduBzmxmXKidE55i+VFszhtxb2wQGmCwN0RkJyY7kNlb4cqXNN9W7oIKf4E
+D1EcnPpBy/blZQbXFa/p5ZqQkPiusF/mVhaQ+whnrG/PJMjTEQFVjwPyWltnwsy/
+N6y4Ok2Xgfuc/p9/8kKv6PIobhkn2k+bAgMBAAGjQTA/MB4GA1UdEQQXMBWCE2Fs
+bWFnZXN0LnNhaS5rYXUuc2UwHQYDVR0OBBYEFImySCBztzWJ6xn4DgKyfQMS8GwX
+MA0GCSqGSIb3DQEBCwUAA4IBgQCBBUPYJ01vp4hg04C3gP/zI3WC2hf8wO04hfhY
+j42D6HZMfO2Ff5pCu1SHSML2h4DPyqURCHPXnIFxyFX4H5+kLrrwhz2iBSWBLQQo
+yYdJEsfmj7kpduA97bZixeNnNi+Q/gQlAzYWJLCD/lD/5cgfWuNYZ9I2NMS0sTLr
+dqYvYFWCtY6Xjl55pfLAgpu57bq+qBAT8q6Bi8jiR8FucCXH0znh14oaur5wpUed
+rwKMj83OC3FVYmtHk3CbXBAgK434JKJvFG6vtQL+nKJea0J32u8KpHiLr8bZuQzZ
+LygQy0HnwfhBnu4hIZThvVKDymOTV3cLIo4VMM6Z4H3JfuPvgIv8sP5IpPxmWmrJ
+x8Qnqt1XgUzpwhobgxu7v9B7jPzJ8ootI5+W+OCQiz6ZOijTflcCXh6k4uBueows
+69OPSLV5lYMw97bmq43/DuRWWYZQqgNH5aQ/CoXHW/ilyFV432sNaCbDheTaR6c3
+wGwCM8JWEBn/5y8d2MEoE88o20w=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://almagest.sai.kau.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://almagest.sai.kau.se/Shibboleth.sso/Artifact/SOAP" index="2"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://almagest.sai.kau.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://almagest.sai.kau.se/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+  <md:ContactPerson contactType="technical">
+    <md:GivenName>Andreas</md:GivenName>
+    <md:SurName>Persenius</md:SurName>
+    <md:EmailAddress>mailto:andreas.persenius@kau.se</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 40f4dd12..6e3bb266 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -667,4 +667,5 @@
   <xi:include href="swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml"/>
   <xi:include href="swamid-2.0/zoom-saas-idp-proxy.sunet.se-sp.xml"/>
   <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/almagest.sai.kau.se.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From 51bc7c4d3a0b8827dc48c02d3f47e7d703661610 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Tue, 12 Sep 2017 16:35:46 +0200
Subject: Resolves SWAMIDOPS-200

---
 swamid-2.0/adfs.rkh.se-adfs-services-trust.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
index ff9e0603..8c8992cf 100644
--- a/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
+++ b/swamid-2.0/adfs.rkh.se-adfs-services-trust.xml
@@ -611,6 +611,8 @@
         <mdui:DisplayName xml:lang="en">Röda Korsets Högskola</mdui:DisplayName>
         <mdui:Description xml:lang="sv">ADFS Röda Korsets Högskola</mdui:Description>
         <mdui:Description xml:lang="en">ADFS Röda Korsets Högskola</mdui:Description>
+        <mdui:Logo xml:lang="sv" height="80" width="80">https://dw.rkh.se/Logo.png</mdui:Logo>
+        <mdui:Logo xml:lang="en" height="80" width="80">https://dw.rkh.se/Logo.png</mdui:Logo>
       </mdui:UIInfo>
     </Extensions>
     <KeyDescriptor use="encryption">
-- 
cgit v1.2.3


From ba0fd10c51a76701aa4f00017f9bb64f104541cb Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Wed, 13 Sep 2017 14:13:05 +0200
Subject: Resolved SWAMID-201

---
 .../pingpong.hj.se-Shibboleth.sso-Metadata.xml     | 61 ++++++++++++++++++++++
 swamid-sp-2.0.mxml                                 |  1 +
 2 files changed, 62 insertions(+)
 create mode 100644 swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml

diff --git a/swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml b/swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml
new file mode 100644
index 00000000..e11fdf65
--- /dev/null
+++ b/swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://pingpong.hj.se/Shibboleth.sso/Metadata">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://pingpong.hj.se/Shibboleth.sso/Login"/>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>pingpong.hj.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=pingpong.hj.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJAK3zQYIO0jRMMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDnBpbmdwb25nLmhqLnNlMB4XDTE2MDQxMjIxMDAxMFoXDTI2MDQxMDIxMDAx
+MFowGTEXMBUGA1UEAxMOcGluZ3BvbmcuaGouc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCdfDnktBk/j3kXQERkPKhxU74wL6Gj7jfi7Q7tOiXkK9gt
+WYOX1xwzGBipaJD+JDFdyoQwhywUWoNC1nCwq+meqWIE5BiqKfz58uLo7yVZbq0D
+CyfD1CxS2bXU199gS9nRcvVaEPGcj5olWz4onD4Rnj62Wgp2gGBmDdrAOQUVUp35
+pz80/f4d9KcoS3EE+85JKU8nzA4Juw1rmof5xzZsmiy879mTbFcZlIe2ecLKcjlx
++53Bii5K3yg9kKqaUxVr1q/BBR3DZvVbVjLa/BFYDLDRaHcvkkWAEP0IPEyKxERs
+2bLnJG23Pu191tT95MKakKf/8CzRrvfD/sZDhjKTAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDnBpbmdwb25nLmhqLnNlMB0GA1UdDgQWBBQgr6cXLkmpK0aO9RWn09Mc0Hqi
+ADANBgkqhkiG9w0BAQUFAAOCAQEAJoIRG6ifIdpnQ5f8s9C1KAY/Vp4zzErZFVQh
+Y9p5vyKTBnEGcusx3DSWPqWSaohwWXgQVutNckAkzrt1Q8uyUKEq6Bbj/P6DHbBW
+sHEFZ3Be2aDb5KbVV8Ta/XbCBLYi/GwIUrPFqBqcb58iv8FfDbpAV2xIE5nvlFFZ
+GtDtNLwffFEUat79nolyrP+nXJRXdysvquW6nz8dFNDNIfrBS+bEhybOph+8w07E
+CLSz0W8sV0xK8CBbmHuoY7gZxMT32Fr1zANIjpWh7HyO5sZmHtSYCM329oQbQuhe
+/NAOaJdHrKUZuut5eeRGapGK1milxeKhTnB/Ou3BNtjlDPUJBg==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pingpong.hj.se/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 6e3bb266..83725ee5 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -668,4 +668,5 @@
   <xi:include href="swamid-2.0/zoom-saas-idp-proxy.sunet.se-sp.xml"/>
   <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/almagest.sai.kau.se.xml"/>
+  <xi:include href="swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From c7ec662a964f33a1aca2b16640c713d8b468ed01 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Thu, 14 Sep 2017 09:45:38 +0200
Subject: Resolves SWAMIDOPS-195

---
 swamid-2.0/cloudmore.com-shibboleth.xml            | 94 ++++++++++++++++++++++
 swamid-2.0/dev.cloudmore.com-shibboleth.xml        | 91 +++++++++++++++++++++
 swamid-2.0/local.cloudmore.com-shibboleth.xml      | 15 +++-
 swamid-2.0/prestaging.cloudmore.com-shibboleth.xml | 92 +++++++++++++++++++++
 swamid-2.0/staging.cloudmore.com-shibboleth.xml    | 92 +++++++++++++++++++++
 swamid-edugain-sp-1.0.mxml                         |  5 ++
 swamid-sp-2.0.mxml                                 |  6 +-
 7 files changed, 393 insertions(+), 2 deletions(-)
 create mode 100644 swamid-2.0/cloudmore.com-shibboleth.xml
 create mode 100644 swamid-2.0/dev.cloudmore.com-shibboleth.xml
 create mode 100644 swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
 create mode 100644 swamid-2.0/staging.cloudmore.com-shibboleth.xml

diff --git a/swamid-2.0/cloudmore.com-shibboleth.xml b/swamid-2.0/cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..2010b8f1
--- /dev/null
+++ b/swamid-2.0/cloudmore.com-shibboleth.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://cloudmore.com/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://cloudmore.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="1"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="2"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="3"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cloudmore.com/Shibboleth.sso/Login" index="4"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
+        <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
+        <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
+        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV
+BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3
+MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw
+ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ
+oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN
+S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L
+rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL
+Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj
+xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7
+0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p
+JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV
+EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R
+BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8
+kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I
+HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6
+ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW
+oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n
++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt
+oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB
+TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV
+nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4
+KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cloudmore.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/dev.cloudmore.com-shibboleth.xml b/swamid-2.0/dev.cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..98f7e3f0
--- /dev/null
+++ b/swamid-2.0/dev.cloudmore.com-shibboleth.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://dev.cloudmore.com/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://dev.cloudmore.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://dev.cloudmore.com/Shibboleth.sso/Login" index="1"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
+        <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
+        <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
+        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV
+BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3
+MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw
+ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ
+oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN
+S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L
+rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL
+Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj
+xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7
+0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p
+JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV
+EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R
+BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8
+kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I
+HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6
+ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW
+oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n
++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt
+oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB
+TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV
+nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4
+KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/local.cloudmore.com-shibboleth.xml b/swamid-2.0/local.cloudmore.com-shibboleth.xml
index e36d8f99..7709c982 100644
--- a/swamid-2.0/local.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/local.cloudmore.com-shibboleth.xml
@@ -22,6 +22,12 @@
     <md:Extensions>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://local.cloudmore.com/Shibboleth.sso/Login"/>
       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://local.cloudmore.com/Shibboleth.sso/Login" index="1"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
+        <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
+        <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
+        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+      </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
       <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
@@ -69,10 +75,17 @@ f49DvQ516YA=
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/POST"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://local.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://local.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
   </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+  </md:ContactPerson>
 </md:EntityDescriptor>
diff --git a/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..865eafc3
--- /dev/null
+++ b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://prestaging.cloudmore.com/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Login" index="1"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Login" index="2"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
+        <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
+        <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
+        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV
+BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3
+MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw
+ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ
+oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN
+S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L
+rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL
+Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj
+xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7
+0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p
+JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV
+EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R
+BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8
+kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I
+HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6
+ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW
+oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n
++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt
+oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB
+TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV
+nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4
+KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://prestaging.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://prestaging.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/staging.cloudmore.com-shibboleth.xml b/swamid-2.0/staging.cloudmore.com-shibboleth.xml
new file mode 100644
index 00000000..57237d65
--- /dev/null
+++ b/swamid-2.0/staging.cloudmore.com-shibboleth.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://staging.cloudmore.com/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://staging.cloudmore.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://staging.cloudmore.com/Shibboleth.sso/Login" index="1"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://staging.cloudmore.com/Shibboleth.sso/Login" index="2"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://staging.cloudmore.com/Shibboleth.sso/Login" index="3"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
+        <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
+        <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
+        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>stoprvfe01.domain01.net</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=stoprvfe01.domain01.net</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEDDCCAnSgAwIBAgIJAJOLmVdtpocoMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV
+BAMTF3N0b3BydmZlMDEuZG9tYWluMDEubmV0MB4XDTE3MDkwNTE5MDYyN1oXDTI3
+MDkwMzE5MDYyN1owIjEgMB4GA1UEAxMXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQw
+ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC4YLswQuTzT9JcYWFe8PFZ
+oR/liIkoELde+7fJquGIUps2PflaSFcb8qf8LFik8OqB/WI3d1+ORN6S7TDrXbUN
+S+TNz4ngmc+qw3FQrHooleAgciPUpvA68g7qHGEjqqC4MggOWf31da7ICgpl+j8L
+rCdGWk0ea4rgH9KT9iercYdJfk41dS6VkwT2ARQVignuDMkqOV9BlR3fEyKFz7VL
+Kc+zYz0vtcSMIx85BffZ24oMbETeJkRCFUMqGkagsf/KKeTVRCbEnOosWYsac/Lj
+xQxFD+aKaKP5z6Wvd9EDKAa5egS5m556z58LUiUXT4QcRqc43OTcoI1OefeQT+B7
+0chHWZRXGzZWxNsDgbjUhBLcELh1H9ehc99TaNIXeIyYJgfZp2zXAsE8UGUqpL5p
+JI+OG/7au2kVipcQqbiMxYm+FhyLqzgRhNQrP4wXPee9Psyvy0ylIwveUY83uwBV
+EsAiyg6LD3KnYC4sZlr80GJ4l1Cp+4Q0101q6WeZRjMCAwEAAaNFMEMwIgYDVR0R
+BBswGYIXc3RvcHJ2ZmUwMS5kb21haW4wMS5uZXQwHQYDVR0OBBYEFHzZ8nn/1Zj8
+kxrK0kLw3RlA/t9hMA0GCSqGSIb3DQEBCwUAA4IBgQCAOrmhhFLsfqYx6K+wKt7I
+HCqbsB0bhM8pccqWmUaUWP1WlRJOupIpOmP5FvIgvVtXsuEzUKd1voPF4DMfzaV6
+ACU6DxLf0lZ/3NrwM9ipVEE/zpXMHvBTn5802wcOIIm7hF+If83QM79ogex6b7gW
+oLhWfu1yz+2La4twB+6zkcz9THgkgSn0UtUNwd0HzyyHZ3SZuOMCGUIuyz+19c1n
++KX6CjsXpMcJ4Oc1HsbtCKNkvEwNudxeiXWSWzj5MQHMcALE/ybOiQ/NMmj5SUzt
+oySXpA6JvX5PwGbuyuy1j4u6gwunYWXWzA0/bEyYADM47ZfNhzD+52b3sVaM1ROB
+TFv0Jq/k9XzQGKyrxphatYKLFZZ92DBDrtnwE3YsIXYc8qzWV7fDbSdvJe6eRBJV
+nnp6KW+OGs5W4irV/BM+AE0LMh7hb4xWfN1xO8Z2nrgAWHNJUkFw74FkEa94t9Y4
+KG+MY9n4aaqecV40ScxWptqZOJPVWBH4Yh1BocVylDM=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://staging.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://staging.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://staging.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Cloudmore</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.cloudmore.com/</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:EmailAddress>mailto:support@cloudmore.com</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-edugain-sp-1.0.mxml b/swamid-edugain-sp-1.0.mxml
index f2a07d87..30cf3747 100644
--- a/swamid-edugain-sp-1.0.mxml
+++ b/swamid-edugain-sp-1.0.mxml
@@ -28,4 +28,9 @@
   <xi:include href="swamid-2.0/graylog.nordu.net-shibboleth.xml"/>
   <xi:include href="swamid-2.0/indico.uu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml"/>
+  <xi:include href="swamid-2.0/prestaging.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/staging.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
 </md:EntitiesDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 83725ee5..1fb6a5ad 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -666,7 +666,11 @@
   <xi:include href="swamid-2.0/portaluu.onricoh.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml"/>
   <xi:include href="swamid-2.0/zoom-saas-idp-proxy.sunet.se-sp.xml"/>
-  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/almagest.sai.kau.se.xml"/>
   <xi:include href="swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml"/>
+  <xi:include href="swamid-2.0/prestaging.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/staging.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From f960e27207239ea6465320693b02d1fea3563ddc Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Fri, 15 Sep 2017 08:34:10 +0200
Subject: Resolves SWAMIDOPS-209

---
 .../connect2.sunet.se-shibboleth.sso-metadata.xml  | 104 +++++++++++++++++++++
 swamid-edugain-sp-1.0.mxml                         |   1 +
 swamid-sp-2.0.mxml                                 |   1 +
 3 files changed, 106 insertions(+)
 create mode 100644 swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml

diff --git a/swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml b/swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml
new file mode 100644
index 00000000..b3a8c0c7
--- /dev/null
+++ b/swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://connect2.sunet.se/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net" index="1"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/nordu.net" index="2"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/ds.sunet.se"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="3"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/kalmar2"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/kalmar2" index="4"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/Login/feide"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/DS/haka.funet.fi"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect2.sunet.se/Shibboleth.sso/DS/haka.funet.fi" index="5"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://connect2.sunet.se/Shibboleth.sso/Login/idp.funet.fi"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">SUNET E-Meeting Service Backup</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">SUNET E-mötestjänsten backup miljö</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">SUNET Connect gör det lätt och enkelt att anordna möten, utbildningar och seminarier som alla kan delta på – oavsett var de befinner sig.</mdui:Description>
+        <mdui:Description xml:lang="en">SUNET Connect makes it easy and simple to organize meetings, seminars and seminars that everyone can attend - no matter where they are.</mdui:Description>
+        <mdui:InformationURL xml:lang="sv">https://www.sunet.se/tjanster/connect/</mdui:InformationURL>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>connect2.sunet.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>emailAddress=noc@sunet.se,CN=connect2.sunet.se,O=SUNET,C=SE</ds:X509SubjectName>
+          <ds:X509Certificate>MIID6TCCAtGgAwIBAgIJAK50Oh3eerEmMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV
+BAYTAlNFMQ4wDAYDVQQKEwVTVU5FVDEaMBgGA1UEAxMRY29ubmVjdDIuc3VuZXQu
+c2UxGzAZBgkqhkiG9w0BCQEWDG5vY0BzdW5ldC5zZTAeFw0xNzA5MTQwNzM0MTJa
+Fw0yNzA5MTIwNzM0MTJaMFYxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKEwVTVU5FVDEa
+MBgGA1UEAxMRY29ubmVjdDIuc3VuZXQuc2UxGzAZBgkqhkiG9w0BCQEWDG5vY0Bz
+dW5ldC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGOBdrkCk6M
+/8F0rfyluEdbiq9J5Sqviai0k5ePZWbm0L04am1A/nUOTa4tMZXZx9450wrNtpwP
+IVaFF3kjh0bOwUpfSvcdKhmFWc9jAJHKnTh2PxLVe2qrNeZn79TZHV1BfKjU+SZ8
+lHjjoOlgzj9NjAnhccXSAlOTKgYRhcHh/0iDG5p6LHnqnYMgmGNrkwlg0lgF6TxE
+lraukHvqlWWuGZfLLfc8bOiapr7h4HlQtuYhCemhsvpFTelP7NbCklVBNwN3DpKc
+2IZCESDQ6NIZU9nQxKG255BeKonT+z9IuxURaDJ1j1nolwrqbFUbAiRJcnmqWowA
+oLSCp2FWm7kCAwEAAaOBuTCBtjAdBgNVHQ4EFgQUM5kSqLgiJ88bSHRs6RcT8Oev
+8A8wgYYGA1UdIwR/MH2AFDOZEqi4IifPG0h0bOkXE/Dnr/APoVqkWDBWMQswCQYD
+VQQGEwJTRTEOMAwGA1UEChMFU1VORVQxGjAYBgNVBAMTEWNvbm5lY3QyLnN1bmV0
+LnNlMRswGQYJKoZIhvcNAQkBFgxub2NAc3VuZXQuc2WCCQCudDod3nqxJjAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCny18oBRCXcfkcHfgxWM5mbJtP
+6wCjpj4FTQPivBgZcW3WxuuKjmJSoqKqzKWzddQMZthpkdS6On0xGIn5wZLXTKtq
+M9StIFEwE4qkuYRKwgsjn9SRMuXkpbOav0rYgyxx1L3FsvKR8rqzBPUp3cDoTQec
+haSm8KdbCE0y705k7q6gf6NPltNOoXUcx3z65ITzdGu1iMFeUnc6gUM0xLLUjRxe
+WjepeAfFouWXq1BM0IoQcZFNRJ4Dr82fJHt6PsVEKidDo7L8vfSRc+8gOp+K41m5
+6U9JHVDpNeVG7He/lbg1qYnbULEcCpZlKEzjYsOvW49ocXobMr/UcL4hpCD9
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect2.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect2.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect2.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">NORDUnet</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">NORDUnet A/S</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">http://www.nordu.net</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:Company>NORDUnet NOC</md:Company>
+    <md:EmailAddress>mailto:noc@nordu.net</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-edugain-sp-1.0.mxml b/swamid-edugain-sp-1.0.mxml
index 30cf3747..361e6296 100644
--- a/swamid-edugain-sp-1.0.mxml
+++ b/swamid-edugain-sp-1.0.mxml
@@ -33,4 +33,5 @@
   <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml"/>
 </md:EntitiesDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 1fb6a5ad..e96402e6 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -673,4 +673,5 @@
   <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From f6c62f02667fb3ea9b5d54ea3ce499e7589a0ca4 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Fri, 15 Sep 2017 12:24:32 +0200
Subject: Resolves SWAMIDOPS-207

---
 swamid-2.0/redcap.ki.se-shibboleth.xml     | 95 ++++++++++++++++++++++++++++++
 swamid-2.0/redcap.tst.ki.se-shibboleth.xml | 91 ++++++++++++++++++++++++++++
 swamid-sp-2.0.mxml                         |  2 +
 3 files changed, 188 insertions(+)
 create mode 100644 swamid-2.0/redcap.ki.se-shibboleth.xml
 create mode 100644 swamid-2.0/redcap.tst.ki.se-shibboleth.xml

diff --git a/swamid-2.0/redcap.ki.se-shibboleth.xml b/swamid-2.0/redcap.ki.se-shibboleth.xml
new file mode 100644
index 00000000..8a4278f1
--- /dev/null
+++ b/swamid-2.0/redcap.ki.se-shibboleth.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://redcap.ki.se/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://redcap.ki.se/Shibboleth.sso/Login"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">REDCap - Karolinska Institutet</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">REDCap - Karolinska Institutet</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">REDCap datainsamlingsverktyg för forskare på Karolinska Institutet</mdui:Description>
+        <mdui:Description xml:lang="en">REDCap data collection tool for researchers at Karolinska Institutet</mdui:Description>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>kircweb02.ki.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=kircweb02.ki.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIID9DCCAlygAwIBAgIJANTts0REhI9OMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV
+BAMTD2tpcmN3ZWIwMi5raS5zZTAeFw0xNzA2MTMxNDU2MTBaFw0yNzA2MTExNDU2
+MTBaMBoxGDAWBgNVBAMTD2tpcmN3ZWIwMi5raS5zZTCCAaIwDQYJKoZIhvcNAQEB
+BQADggGPADCCAYoCggGBANilbH5Eghlskz++f1MKSiFmRs4Ufril17ERj/wHRjyW
+LF0P/7ZwZTOFS7YefYxrdLXfLjynnjAnXwNxk6Z9JuqTNpsiDrLqpGj+UJ1O4Vxj
+FveZqEemK3z7WPWoLg3IVDK2BMa5RgCBEJ+xvDAgaZblELHv4m5zdcRwXUgyBkKi
+dMeJ3k7yVW6+7NBQSRwgaGZQYJ8uKR6M3CHJdEDhZeq5JiEbGT0ZbEQO6KIJ5PP1
+gJno8CeheMwifRvb4CKUIzEjvrpv0WASwpde/j0pbwWJ3uMDOKp8tswMayZHYnGr
+a2BCXbfzIkpj3cgZQ2BOeNg92MWVRBPEF+mFaWqrfIQAmMHO2rB65aPhb+XaEktR
+Zkj0aNVBMwF7exAG9UC5+06czkJ1RhQeb8FN2+TX1QWwMKfd6sFtVQSWltfgXIbD
+DMBeVuC3SW6Fo6M1bPlX7lpVR6ZkyBrfB8AUSaMbrL51fF9ZuWfdZAqLHg0s6fIE
+i4k/J1C1c/eCF7/DEtPu6wIDAQABoz0wOzAaBgNVHREEEzARgg9raXJjd2ViMDIu
+a2kuc2UwHQYDVR0OBBYEFOgLHOprx64wQ+8aB1c/e2zErq+PMA0GCSqGSIb3DQEB
+CwUAA4IBgQCFv+Qvf4jh7+NDllAaOcriC+Q//o0CbXYZ7i+7wPI2XMXhkMchkhWD
+melhaum7lZuj27h1K6Q/1EPJ+h/zjRnoTSld3lu/Iud5Hvop/rbWsVrOiGwUx21F
+Ifv+B/Jhx85zWWyxKz6Q3Q20fABMNB0F3+JoXJ7AbGKHtQGwEGEYJrbZuUKdFRjP
+vEUsYjQJjoqI8IYGj/jSbO729E9B+LV19Du5m9+8ZoxwYg1MKPY50r5fPgrOmjKp
+UHyb4mX6dssg9GxtK7F1MPFGOt8BACx3HB6ELdlYtq69+9TvkFEzWAY/QodBlHAc
+nf2UYuiwaOTric4Xmwsc9H7mdCmvacNuop+XjUu7XIBOIomgtukJ502CtJpBTSTV
+hWjzcjusX4Q04zS8/IfOv1uMCogu29UnnuS2EB3hfw2sdT/0uLnLhTynO3sFplSb
+nL71cJpvF0I3mQ3CrfoTkEW21VuwKoEs62tS8wFCNXcImaOUQMhm7LBe9kp05jC5
+DOBgIJcDatI=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.ki.se/Shibboleth.sso/Artifact/SOAP" index="2"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.ki.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://redcap.ki.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.ki.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://redcap.ki.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://redcap.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://redcap.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.ki.se/Shibboleth.sso/SAML2/POST" index="7"/>
+  </md:SPSSODescriptor>
+  <md:ContactPerson contactType="administrative">
+    <md:GivenName>Michal</md:GivenName>
+    <md:SurName>Kment</md:SurName>
+    <md:EmailAddress>mailto:michal.kment@ki.se</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-2.0/redcap.tst.ki.se-shibboleth.xml b/swamid-2.0/redcap.tst.ki.se-shibboleth.xml
new file mode 100644
index 00000000..05cfa1f7
--- /dev/null
+++ b/swamid-2.0/redcap.tst.ki.se-shibboleth.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://redcap.tst.ki.se/shibboleth">
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://redcap.tst.ki.se/Shibboleth.sso/DS/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://redcap.tst.ki.se/Shibboleth.sso/DS/Login" index="1"/>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">REDCap - Karolinska Institutet (test)</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">REDCap - Karolinska Institutet (test)</mdui:DisplayName>
+        <mdui:Description xml:lang="sv">REDCap datainsamlingsverktyg för forskare på Karolinska Institutet</mdui:Description>
+        <mdui:Description xml:lang="en">REDCap data collection tool for researchers at Karolinska Institutet</mdui:Description>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>kitstrcweb01.tst.ki.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=kitstrcweb01.tst.ki.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIECTCCAnGgAwIBAgIJAP3vO5Tgfa3oMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV
+BAMTFmtpdHN0cmN3ZWIwMS50c3Qua2kuc2UwHhcNMTcwNjEzMDc1NzExWhcNMjcw
+NjExMDc1NzExWjAhMR8wHQYDVQQDExZraXRzdHJjd2ViMDEudHN0LmtpLnNlMIIB
+ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAuLIFz5Hq1AguBFIu+sdGx9tv
+0kZulE1yzftYlEv+faAWMQIp1fOL8WwF8XM2LamU+OdQ4pxq3WcCQxd04kZ5h7Nl
+kRgtGVaOhrXTBS5hiBXD0Y5FUk7KM3gJabzfdBFERTkK3iFyyxFbyOMoXdvh0QvX
+yWA5XwdRoDoAJvv49oSlYkcyhhhUWPJVxJsOg5DScIwfNCXcR62QXUr1OBgv95mL
+W1qGybhxhGkTSTYS//BfOF+6u4wUERIhWCqTJ8GXw5W6GuOvIaZXx3UDr53k4KLB
+VPowZhVF23MgqCTdN8khOdJA0Fy08xuKyoOZVEePrTGjDvwKZS6fpoiI0Ycoq5d4
+1dc5dPFB84OdEXCACZnkCCt+S5MIzlb17Pl+h0DP0j7jEtLtS+tVX0kgJxBexhgW
+h91g+UU11AUDJ1xZgpJg5I4OEzjdF9W6K/+EV156oc6iGsOqIM7eZWPtxZg08zJm
+VWrkJ1cdhFhnscrCCYBOIgP/Obvx8+5Pll6te9ADAgMBAAGjRDBCMCEGA1UdEQQa
+MBiCFmtpdHN0cmN3ZWIwMS50c3Qua2kuc2UwHQYDVR0OBBYEFA1Iz6/3hgIQFbRY
+o8xpWXyxBdJ+MA0GCSqGSIb3DQEBCwUAA4IBgQAbjB/IwQR+XVVweB0RNNSJ+S8k
+0khGp+Bpab8NBGSsEY4W1hGn4lS1G/EHgmy+woSuVTYELF3hLEk8nEiiqjHHDFO5
+g69h++EVSHtio9TsrbnD8Oj8mJktNWMRyPbqr6iRcZ0QumJuPH/8y9xYaTg5Ysi5
+xT1+lUL9yZFwq2mIT3XpBQ2wvIpn4tN4eAAuVbAGk8hJ9MkTrQaP3RdWVu9eJWwu
+LyjudMQkmcaN/1yhjkHG4zSqFp1F96RGAB2JaRlp53xZWhhUZY6JDINffYQxnc0t
+uDu+x0M0CGz38WNOE/SxBKUCPOcu1UGYoGue9hgHuiAjUbhTneuBCcsvYKzSSgL0
+4HZqaoFpD/IZzS2I8oil9KTiWH4FL3uW1yDDlcK88Ela4FQXam7oR50HecHEaTvZ
+7P+5W09xwWZfY6XhCziV4uUDu2Dya5qspePpSBj++xlZP65bs9td2TNK0y2gDdOo
+Gve8ozn6yxplJyB0jvZae8kfE4LtXr4adWlYG2E=
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.tst.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.tst.ki.se/Shibboleth.sso/Artifact/SOAP" index="2"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://redcap.tst.ki.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://redcap.tst.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+  <md:ContactPerson contactType="administrative">
+    <md:GivenName>Michal</md:GivenName>
+    <md:SurName>Kment</md:SurName>
+    <md:EmailAddress>mailto:michal.kment@ki.se</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index e96402e6..9185ea6f 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -674,4 +674,6 @@
   <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml"/>
+  <xi:include href="swamid-2.0/redcap.ki.se-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/redcap.tst.ki.se-shibboleth.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From 9951e4a6b129fed56276a9c2db4df20b13e8e941 Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Mon, 18 Sep 2017 12:54:06 +0200
Subject: Remove cloudmore SPs from eduGAIN, temporarily

---
 swamid-edugain-sp-1.0.mxml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/swamid-edugain-sp-1.0.mxml b/swamid-edugain-sp-1.0.mxml
index 361e6296..c55e65f2 100644
--- a/swamid-edugain-sp-1.0.mxml
+++ b/swamid-edugain-sp-1.0.mxml
@@ -28,10 +28,5 @@
   <xi:include href="swamid-2.0/graylog.nordu.net-shibboleth.xml"/>
   <xi:include href="swamid-2.0/indico.uu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml"/>
-  <xi:include href="swamid-2.0/prestaging.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/staging.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From 217a3e3b144600212e6718942c6627d2c7da3fb4 Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Tue, 19 Sep 2017 11:49:45 +0200
Subject: removed dupes in swamid-testing-sp-1.0.mxml and swamid-sp-2.0.mxml

---
 swamid-testing-sp-1.0.mxml | 23 -----------------------
 1 file changed, 23 deletions(-)

diff --git a/swamid-testing-sp-1.0.mxml b/swamid-testing-sp-1.0.mxml
index 6a10fe86..3683b445 100644
--- a/swamid-testing-sp-1.0.mxml
+++ b/swamid-testing-sp-1.0.mxml
@@ -1,47 +1,25 @@
 <?xml version="1.0"?>
 <EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xi="http://www.w3.org/2001/XInclude" Name="http://md.swamid.se/md/swamid-testing-sp-1.0.xml">
-  <xi:include href="swamid-2.0/umdac-utv1.ad.umu.se-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/umdac-utv2.ad.umu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/dwidp.nyautb.its.umu.se-dw-idp.xml"/>
   <xi:include href="swamid-2.0/www.studera.nyautb.its.umu.se-aws-sp.xml"/>
   <xi:include href="swamid-2.0/shibboleth.nyautb.its.umu.se-shibboleth-idp.xml"/>
   <xi:include href="swamid-2.0/www.antagning.nyautb.its.umu.se-ecs-sp.xml"/>
   <xi:include href="swamid-2.0/vhs-dev01.dyndns.org-shibboleth-sp.xml"/>
   <xi:include href="swamid-2.0/smultron.catalogix.se-8090-sp.xml"/>
-  <xi:include href="swamid-2.0/e5.onthehub.com.xml"/>
   <xi:include href="swamid-2.0/vmfront.lan.kth.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/www-en.nyautb.its.umu.se-aws-sp-en.xml"/>
   <xi:include href="swamid-2.0/expert.nyautb.its.umu.se-ecs-sp.xml"/>
   <xi:include href="swamid-2.0/www.nyautb.its.umu.se-aws-sp.xml"/>
   <xi:include href="swamid-2.0/test-chalmers.pingpong.net-shibboleth.xml"/>
   <xi:include href="swamid-2.0/minasidor.ladok.umu.se-shib-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-00.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-01.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-02.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-03.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-04.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-05.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-06.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-07.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-08.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-09.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-10.ladok.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/nidev-consumer.nordu.net-saml2-metadata.xml"/>
-  <xi:include href="swamid-2.0/ladok3test.its.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/ladok3-p00.ladok.umu.se-gui-sp.xml"/>
   <xi:include href="swamid-2.0/bhb-00.its.umu.se-gui-sp.xml"/>
-  <xi:include href="swamid-2.0/portalservicesutv.miun.se-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/sp.swamid.se-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/box-idp.nordu.net-simplesaml-module.php-saml-sp-metadata.php-default-sp.xml"/>
   <xi:include href="swamid-2.0/imogen.surfnet.nl-proxy-module.php-saml-sp-metadata.php-default-sp.xml"/>
   <xi:include href="swamid-2.0/sigma-test-localhost-sp-130705.xml"/>
   <xi:include href="swamid-2.0/kisetest2.user.ki.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/admin-tug-1.eduid.se-6544-saml2-metadata.xml"/>
   <xi:include href="swamid-2.0/kitstidp02.tst.ki.se.xml"/>
   <xi:include href="swamid-2.0/nya-00.ladok.umu.se-aws-sp-en.xml"/>
-  <xi:include href="swamid-2.0/lartorget.sll.se-shibbolet.xml"/>
   <xi:include href="swamid-2.0/wl07089.sigma.local-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/sd0312.sigma.dev-shibboleth.xml"/>
   <xi:include href="swamid-2.0/aqtest.port.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/test-his.hr.evry.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/test-hkr.hr.evry.se-shibboleth.xml"/>
@@ -51,7 +29,6 @@
   <xi:include href="swamid-2.0/t0253.srv.lu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/emmautv.ldc.lu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/akka-adm.demo.its.uu.se-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/test.bils.se-auth-metadata.xml"/>
   <xi:include href="swamid-2.0/uuc-web003-t.its.uu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/lingon.ladok.umu.se-8087-basic-sp.xml"/>
   <xi:include href="swamid-2.0/lingon.ladok.umu.se-8087-coco-sp.xml"/>
-- 
cgit v1.2.3


From f8ae2497855294b3ba7fa583312a23f781aee7de Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Tue, 19 Sep 2017 11:53:09 +0200
Subject: Resolves SWAMIDOPS-195 again

---
 swamid-2.0/cloudmore.com-shibboleth.xml            |  2 +-
 swamid-2.0/dev.cloudmore.com-shibboleth.xml        |  2 +-
 swamid-2.0/local.cloudmore.com-shibboleth.xml      | 26 +++++++++++-----------
 swamid-2.0/prestaging.cloudmore.com-shibboleth.xml |  2 +-
 swamid-2.0/staging.cloudmore.com-shibboleth.xml    |  2 +-
 swamid-edugain-sp-1.0.mxml                         |  5 +++++
 swamid-sp-2.0.mxml                                 |  6 -----
 7 files changed, 22 insertions(+), 23 deletions(-)

diff --git a/swamid-2.0/cloudmore.com-shibboleth.xml b/swamid-2.0/cloudmore.com-shibboleth.xml
index 2010b8f1..8d032f49 100644
--- a/swamid-2.0/cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/cloudmore.com-shibboleth.xml
@@ -29,7 +29,7 @@
         <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
         <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
         <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
-        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+        <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
diff --git a/swamid-2.0/dev.cloudmore.com-shibboleth.xml b/swamid-2.0/dev.cloudmore.com-shibboleth.xml
index 98f7e3f0..46f05471 100644
--- a/swamid-2.0/dev.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/dev.cloudmore.com-shibboleth.xml
@@ -26,7 +26,7 @@
         <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
         <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
         <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
-        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+        <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
diff --git a/swamid-2.0/local.cloudmore.com-shibboleth.xml b/swamid-2.0/local.cloudmore.com-shibboleth.xml
index 7709c982..23fd055c 100644
--- a/swamid-2.0/local.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/local.cloudmore.com-shibboleth.xml
@@ -20,13 +20,13 @@
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
-      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://local.cloudmore.com/Shibboleth.sso/Login"/>
-      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://local.cloudmore.com/Shibboleth.sso/Login" index="1"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://local.cloudmore.com/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://local.cloudmore.com/Shibboleth.sso/Login" index="1"/>
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
         <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
         <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
         <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
-        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+        <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
@@ -69,16 +69,16 @@ f49DvQ516YA=
       <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
       <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
-    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://local.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/POST"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://local.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://local.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://local.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://local.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://local.cloudmore.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://local.cloudmore.com/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://local.cloudmore.com/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://local.cloudmore.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://local.cloudmore.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://local.cloudmore.com/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://local.cloudmore.com/Shibboleth.sso/SAML/Artifact" index="6"/>
   </md:SPSSODescriptor>
   <md:Organization>
     <md:OrganizationName xml:lang="en">Cloudmore AB</md:OrganizationName>
diff --git a/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
index 865eafc3..e4574ce6 100644
--- a/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/prestaging.cloudmore.com-shibboleth.xml
@@ -27,7 +27,7 @@
         <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
         <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
         <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
-        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+        <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
diff --git a/swamid-2.0/staging.cloudmore.com-shibboleth.xml b/swamid-2.0/staging.cloudmore.com-shibboleth.xml
index 57237d65..e489216f 100644
--- a/swamid-2.0/staging.cloudmore.com-shibboleth.xml
+++ b/swamid-2.0/staging.cloudmore.com-shibboleth.xml
@@ -28,7 +28,7 @@
         <mdui:DisplayName xml:lang="en">Cloudmore</mdui:DisplayName>
         <mdui:Description xml:lang="en">Cloud Brokerage Platform for IT, Business and Public Sector</mdui:Description>
         <mdui:InformationURL xml:lang="en">http://web.cloudmore.com/</mdui:InformationURL>
-        <mdui:Logo height="300" width="300">http://web.cloudmore.com/hubfs/images/icons/Cloudmore-green-icon.png</mdui:Logo>
+        <mdui:Logo height="300" width="300">https://cloudmore.com/Files/Uploads/Shibboleth/Cloudmore-green-icon.png</mdui:Logo>
       </mdui:UIInfo>
     </md:Extensions>
     <md:KeyDescriptor>
diff --git a/swamid-edugain-sp-1.0.mxml b/swamid-edugain-sp-1.0.mxml
index c55e65f2..479ef025 100644
--- a/swamid-edugain-sp-1.0.mxml
+++ b/swamid-edugain-sp-1.0.mxml
@@ -29,4 +29,9 @@
   <xi:include href="swamid-2.0/indico.uu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/kantarainitiative.org-confluence-plugins-servlet-samlsso.xml"/>
   <xi:include href="swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml"/>
+  <xi:include href="swamid-2.0/prestaging.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/staging.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
 </md:EntitiesDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 9185ea6f..2f63ee3e 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -668,12 +668,6 @@
   <xi:include href="swamid-2.0/zoom-saas-idp-proxy.sunet.se-sp.xml"/>
   <xi:include href="swamid-2.0/almagest.sai.kau.se.xml"/>
   <xi:include href="swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml"/>
-  <xi:include href="swamid-2.0/prestaging.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/staging.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/dev.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/local.cloudmore.com-shibboleth.xml"/>
-  <xi:include href="swamid-2.0/connect2.sunet.se-shibboleth.sso-metadata.xml"/>
   <xi:include href="swamid-2.0/redcap.ki.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/redcap.tst.ki.se-shibboleth.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From 4a99a280711aa19909e16d919a1d2c13b0542dbe Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Wed, 20 Sep 2017 16:01:41 +0200
Subject: Resolved SWAMID-215

---
 swamid-2.0/wiki.edugain.org-shibboleth.xml | 84 ------------------------------
 swamid-edugain-sp-1.0.mxml                 |  1 -
 swamid-sp-2.0.mxml                         |  1 -
 3 files changed, 86 deletions(-)
 delete mode 100644 swamid-2.0/wiki.edugain.org-shibboleth.xml

diff --git a/swamid-2.0/wiki.edugain.org-shibboleth.xml b/swamid-2.0/wiki.edugain.org-shibboleth.xml
deleted file mode 100644
index bd0bee1b..00000000
--- a/swamid-2.0/wiki.edugain.org-shibboleth.xml
+++ /dev/null
@@ -1,84 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd" entityID="https://wiki.edugain.org/shibboleth">
-  <Extensions>
-    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
-      <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-        <saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
-        <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
-      </saml:Attribute>
-    </mdattr:EntityAttributes>
-  </Extensions>
-  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
-    <Extensions>
-      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://wiki.edugain.org/Shibboleth.sso/Login"/>
-      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://wiki.edugain.org/Shibboleth.sso/Login" index="1"/>
-      <mdui:UIInfo>
-        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.edugain.org/eduGAIN:Privacy_policy</mdui:PrivacyStatementURL>
-        <mdui:DisplayName xml:lang="en">eduGAIN Wiki</mdui:DisplayName>
-        <mdui:Description xml:lang="en">This wiki provides recommendations and instructions on how to enable web services for eduGAIN.</mdui:Description>
-        <mdui:InformationURL xml:lang="en">http://wiki.edugain.org/</mdui:InformationURL>
-        <mdui:DisplayName xml:lang="de">eduGAIN Wiki</mdui:DisplayName>
-        <mdui:Description xml:lang="de">Dieses Wiki enthält Empfehlungen und Anleitungen um Webdienste für eduGAIN anzupassen.</mdui:Description>
-        <mdui:DisplayName xml:lang="fr">eduGAIN Wiki</mdui:DisplayName>
-        <mdui:Description xml:lang="fr">Ce wiki met à disposition des recommandations et instructions expliquant comment intégrer des services web dans eduGAIN.</mdui:Description>
-      </mdui:UIInfo>
-    </Extensions>
-    <KeyDescriptor>
-      <ds:KeyInfo>
-        <ds:X509Data>
-          <ds:X509Certificate>
-MIIC9zCCAd+gAwIBAgIJAMU9QRxFmNAuMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
-BAMTEHdpa2kuZWR1Z2Fpbi5vcmcwHhcNMTMwNzA0MTAzMTE0WhcNMjMwNzAyMTAz
-MTE0WjAbMRkwFwYDVQQDExB3aWtpLmVkdWdhaW4ub3JnMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAnspkp3AJPuXFtIhJc3XTBKG8xF3Qk5CMvmDercSB
-iBBJrQXsAKY+wEzZkH3gc3kFDP5J0uLHQ0wjZhwL5F7XBcqiIvbavIRtcxqVLGwQ
-bySVZOfWimpm9LSguiJciJv5dPqhIyMHHkExhi6WLlqY9Am3vkvep5th7nZJ/Idt
-XMMb+PkhSfmQRoZyZGh5n7nkbY88w3DHH9+i1HbyaCNS/+m2/BxQarEKWEWMngcm
-yZX+eAY70QX8O9p3RTS3PT8fhgXp+gbCQWec33c1dbC37RZZQg3Iku4qlZIQc4ER
-SCIkFF4x0qSCPjwDVHX2d2UypHJnbve2tKahUeOyXhtGEwIDAQABoz4wPDAbBgNV
-HREEFDASghB3aWtpLmVkdWdhaW4ub3JnMB0GA1UdDgQWBBQmj8sgTfdCBiqStP+T
-QyNcyrFNRTANBgkqhkiG9w0BAQUFAAOCAQEAXSa71FEzhRl0gbcHK3cKI/8SRsuM
-BSJJNS/3fHQgr3q3Kozffd5r8i1sVQWd76FqjmN2ueqkYBT0XAAFTnvWUnhzSX6o
-ZR7cNBsibRZHqbMQPOnxWk2IKafGT8HG+BTX/TD6ghX8OXbixuB9I+n9jNTphFGi
-XklReN3a7H5LfzJZNw/IsEt/iII3vM0C3CG4udft7vPHUxoz/sg7vLB1QI5oCIKQ
-czsnN6gKOhE3R9xBXmXEAe+7t0j+xUllfMpzN1visnwJfrBqmPxWZtoAofjZBUxy
-nzhoxAesljRTtndfuhYcEnXorpwi2N+4SCaYnF1inyMnJz7xau5lKyxPhA==
-          </ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </KeyDescriptor>
-    <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-    <AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://wiki.edugain.org/Shibboleth.sso/SAML2/POST"/>
-    <AssertionConsumerService index="2" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://wiki.edugain.org/Shibboleth.sso/SAML2/Artifact"/>
-    <AssertionConsumerService index="3" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://wiki.edugain.org/Shibboleth.sso/SAML2/ECP"/>
-    <AssertionConsumerService index="4" isDefault="true" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.edugain.org/Shibboleth.sso/SAML/POST"/>
-    <AssertionConsumerService index="5" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://wiki.edugain.org/Shibboleth.sso/SAML/Artifact"/>
-    <AttributeConsumingService index="1">
-      <ServiceName xml:lang="en">eduGAIN Wiki</ServiceName>
-      <ServiceDescription xml:lang="en">This wiki provides recommendations and instructions on how to enable web services for eduGAIN.</ServiceDescription>
-      <RequestedAttribute FriendlyName="eduPersonTargetedID" isRequired="true" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
-      <RequestedAttribute FriendlyName="eduPersonPrincipalName" isRequired="true" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
-      <RequestedAttribute FriendlyName="email" isRequired="false" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
-      <RequestedAttribute FriendlyName="displayName" isRequired="false" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
-      <RequestedAttribute FriendlyName="surname" isRequired="false" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
-      <RequestedAttribute FriendlyName="givenName" isRequired="false" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
-    </AttributeConsumingService>
-  </SPSSODescriptor>
-  <Organization>
-    <OrganizationName xml:lang="en">geant.net</OrganizationName>
-    <OrganizationDisplayName xml:lang="en">GÉANT</OrganizationDisplayName>
-    <OrganizationURL xml:lang="en">http://www.geant.net/</OrganizationURL>
-  </Organization>
-  <ContactPerson contactType="support">
-    <GivenName>eduGAIN</GivenName>
-    <SurName>Integration</SurName>
-    <EmailAddress>mailto:edugain-integration@geant.net</EmailAddress>
-  </ContactPerson>
-  <ContactPerson contactType="technical">
-    <GivenName>eduGAIN</GivenName>
-    <SurName>Operation</SurName>
-    <EmailAddress>mailto:edugain-ot@geant.net</EmailAddress>
-  </ContactPerson>
-</EntityDescriptor>
diff --git a/swamid-edugain-sp-1.0.mxml b/swamid-edugain-sp-1.0.mxml
index 479ef025..32581231 100644
--- a/swamid-edugain-sp-1.0.mxml
+++ b/swamid-edugain-sp-1.0.mxml
@@ -9,7 +9,6 @@
   <xi:include href="swamid-2.0/keybucket.app.nordu.net-saml2-sp-metadata.xml"/>
   <xi:include href="swamid-2.0/egiswamid.egi.kth.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/box-idp.nordu.net-simplesaml-module.php-saml-sp-metadata.php-default-sp.xml"/>
-  <xi:include href="swamid-2.0/wiki.edugain.org-shibboleth.xml"/>
   <xi:include href="swamid-2.0/test-adfs.geant.net-adfs-services-trust.xml"/>
   <xi:include href="swamid-2.0/www.mediafora.net-simplesaml-module.php-saml-sp-metadata.php-media-network-sp.xml"/>
   <xi:include href="swamid-2.0/crowd.nordu.net-shibboleth.xml"/>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 2f63ee3e..0bec31e8 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -52,7 +52,6 @@
   <xi:include href="swamid-2.0/lpwtest.it.ki.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/medlem.chs.chalmers.se-saml-simplesamlphp-www-module.php-saml-sp-metadata.php-ageramedlem.xml"/>
   <xi:include href="swamid-2.0/medlem.studentkareniboras.se-saml-simplesamlwww-module.php-saml-sp-metadata.php-ageramedlem.xml"/>
-  <xi:include href="swamid-2.0/wiki.edugain.org-shibboleth.xml"/>
   <xi:include href="swamid-2.0/shibboleth.msacademicverify.com-shibboleth-sp.xml"/>
   <xi:include href="swamid-2.0/confluence.its.umu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/jira.its.umu.se-shibboleth.xml"/>
-- 
cgit v1.2.3


From 0b831924bfcd3a0fcda0ab0eea5ec21c7723a56c Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Mon, 25 Sep 2017 08:04:28 +0200
Subject: Resolved SWAMID-218

---
 swamid-2.0/idp2.rkh.se-idp-shibboleth.xml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml b/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml
index 299c552b..a1be203e 100644
--- a/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp2.rkh.se-idp-shibboleth.xml
@@ -1,10 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp2.rkh.se/idp/shibboleth">
   <Extensions>
-    <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
-      <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+    <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+      <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
         <saml:AttributeValue>http://www.swamid.se/policy/assurance/al1</saml:AttributeValue>
       </saml:Attribute>
+      <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <saml:AttributeValue>http://refeds.org/category/hide-from-discovery</saml:AttributeValue>
+      </saml:Attribute>
     </attr:EntityAttributes>
   </Extensions>
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
-- 
cgit v1.2.3


From 439cdd7781c7c71c31d6945b7167f3c7081b55da Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Mon, 25 Sep 2017 13:44:02 +0200
Subject: Resolved SWAMID-220

---
 swamid-2.0/itslearning.com.xml      | 122 ++++++++++++++++++++++++++++++++++++
 swamid-2.0/test.itslearning.com.xml |  88 ++++++++++++++++++++++++++
 swamid-sp-2.0.mxml                  |   2 +
 3 files changed, 212 insertions(+)
 create mode 100644 swamid-2.0/itslearning.com.xml
 create mode 100644 swamid-2.0/test.itslearning.com.xml

diff --git a/swamid-2.0/itslearning.com.xml b/swamid-2.0/itslearning.com.xml
new file mode 100644
index 00000000..774682d5
--- /dev/null
+++ b/swamid-2.0/itslearning.com.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:mace:saml2v2.no:services:com.itslearning">
+  <Extensions>
+    <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/eu-adequate-protection</samla:AttributeValue>
+      </samla:Attribute>
+    </attr:EntityAttributes>
+  </Extensions>
+  <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <Extensions>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">itslearning</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">itslearning</mdui:DisplayName>
+        <mdui:Description xml:lang="en">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+        <mdui:Description xml:lang="sv">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+        <mdui:InformationURL xml:lang="sv">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="en">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+      </mdui:UIInfo>
+    </Extensions>
+    <KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>
+            MIIGIzCCBQugAwIBAgIRALUG/lMf4ilOPuZcvQG5yDowDQYJKoZIhvcNAQELBQAw
+            gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+            BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
+            VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
+            ZXJ2ZXIgQ0EwHhcNMTUwNzE0MDAwMDAwWhcNMTgwNzEzMjM1OTU5WjCCAQUxCzAJ
+            BgNVBAYTAk5PMQ0wCwYDVQQREwQ1MDU5MRIwEAYDVQQIEwlIT1JEQUxBTkQxDzAN
+            BgNVBAcTBkJlcmdlbjEcMBoGA1UECRMTRWR2YXJkIEdyaWVncyBWZWkgMzEYMBYG
+            A1UEChMPSXRzIExlYXJuaW5nIEFTMRswGQYDVQQLExJpdHNsZWFybmluZyBGcmFu
+            Y2UxNTAzBgNVBAsTLElzc3VlZCB0aHJvdWdoIEl0cyBMZWFybmluZyBBUyBFLVBL
+            SSBNYW5hZ2VyMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEdMBsGA1UEAxMUYXV0
+            aC5pdHNsZWFybmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+            AQCnMiSYW33IAVgQLVF/43Ke524DM0pehzOVUrZJjwM+VNB5Iz1t0Zd5ZLJ71rPR
+            HyYTrtlrwiW4bdCOXpj8q8r3x368YawR3vW9pTxvBzADDUE60HLqNnaLzXbEtgOJ
+            x/fN/y1vEe/ysL7sFgfZYsK6Esa+ZckzRmhjhIA8Y7AzFxnUwo99S5/MfwAjRpkV
+            lChPFgWFW4zecI+qj092VaDJHpfoGR15cv6onHrqUE8gqKsSZ2LrHrzNCoVGO00R
+            RS0i0T+yEccvLB0GlIwgK1NJO3BPar25hIV2NHXTck5tn9iLlyXNChKZK0lJMACb
+            kyiA4etM//NW0xCZG9DHVLCvAgMBAAGjggH4MIIB9DAfBgNVHSMEGDAWgBSa8yva
+            z61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUziNakwabutZPrjgskjLsLwud1aMw
+            DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+            AwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYB
+            BQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBa
+            BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S
+            U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggr
+            BgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t
+            L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
+            cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE
+            MjAwghRhdXRoLml0c2xlYXJuaW5nLmNvbYIYd3d3LmF1dGguaXRzbGVhcm5pbmcu
+            Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBWP/nHSKbTILdOwcCKxyTcG6IYDkUUnwFG
+            QPRO8dRu0p55j5m2scN+svm3PqrejqNobeh80VcNahdHY/runY+JpzdXohBsS+oL
+            E7t8lBPW4IlNpRi3OBOywnJ0cGIn5PyaMgDyQoWorgBey2m+wfVtWOlyqSIzHdDC
+            +2lyPs5rvfbdSzfPeRv+D6/5k/GwCDOz+u/h0ynqDkZojEWShYP0ROckhhUQRxPl
+            JNq2fHe+JwzyEqLJ/k5UcBzrwmzqy5K2Gaj2i6ySiAmoCVhF9/Dl5Tae6bv55IGI
+            RZNHXVWClNE2/q9xZotJor1siWGA0F3sZjTHTYK7176mUNDWJyjX
+          </ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>
+            MIIGIzCCBQugAwIBAgIRALUG/lMf4ilOPuZcvQG5yDowDQYJKoZIhvcNAQELBQAw
+            gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+            BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
+            VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
+            ZXJ2ZXIgQ0EwHhcNMTUwNzE0MDAwMDAwWhcNMTgwNzEzMjM1OTU5WjCCAQUxCzAJ
+            BgNVBAYTAk5PMQ0wCwYDVQQREwQ1MDU5MRIwEAYDVQQIEwlIT1JEQUxBTkQxDzAN
+            BgNVBAcTBkJlcmdlbjEcMBoGA1UECRMTRWR2YXJkIEdyaWVncyBWZWkgMzEYMBYG
+            A1UEChMPSXRzIExlYXJuaW5nIEFTMRswGQYDVQQLExJpdHNsZWFybmluZyBGcmFu
+            Y2UxNTAzBgNVBAsTLElzc3VlZCB0aHJvdWdoIEl0cyBMZWFybmluZyBBUyBFLVBL
+            SSBNYW5hZ2VyMRcwFQYDVQQLEw5JbnN0YW50U1NMIFBybzEdMBsGA1UEAxMUYXV0
+            aC5pdHNsZWFybmluZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+            AQCnMiSYW33IAVgQLVF/43Ke524DM0pehzOVUrZJjwM+VNB5Iz1t0Zd5ZLJ71rPR
+            HyYTrtlrwiW4bdCOXpj8q8r3x368YawR3vW9pTxvBzADDUE60HLqNnaLzXbEtgOJ
+            x/fN/y1vEe/ysL7sFgfZYsK6Esa+ZckzRmhjhIA8Y7AzFxnUwo99S5/MfwAjRpkV
+            lChPFgWFW4zecI+qj092VaDJHpfoGR15cv6onHrqUE8gqKsSZ2LrHrzNCoVGO00R
+            RS0i0T+yEccvLB0GlIwgK1NJO3BPar25hIV2NHXTck5tn9iLlyXNChKZK0lJMACb
+            kyiA4etM//NW0xCZG9DHVLCvAgMBAAGjggH4MIIB9DAfBgNVHSMEGDAWgBSa8yva
+            z61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUziNakwabutZPrjgskjLsLwud1aMw
+            DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+            AwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYB
+            BQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBa
+            BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S
+            U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggr
+            BgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t
+            L0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
+            cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA5BgNVHREE
+            MjAwghRhdXRoLml0c2xlYXJuaW5nLmNvbYIYd3d3LmF1dGguaXRzbGVhcm5pbmcu
+            Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBWP/nHSKbTILdOwcCKxyTcG6IYDkUUnwFG
+            QPRO8dRu0p55j5m2scN+svm3PqrejqNobeh80VcNahdHY/runY+JpzdXohBsS+oL
+            E7t8lBPW4IlNpRi3OBOywnJ0cGIn5PyaMgDyQoWorgBey2m+wfVtWOlyqSIzHdDC
+            +2lyPs5rvfbdSzfPeRv+D6/5k/GwCDOz+u/h0ynqDkZojEWShYP0ROckhhUQRxPl
+            JNq2fHe+JwzyEqLJ/k5UcBzrwmzqy5K2Gaj2i6ySiAmoCVhF9/Dl5Tae6bv55IGI
+            RZNHXVWClNE2/q9xZotJor1siWGA0F3sZjTHTYK7176mUNDWJyjX
+          </ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+    </KeyDescriptor>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.itslearning.com/elogin/SingleLogoutHandler.aspx"/>
+    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+    <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.itslearning.com/eLogin/AssertionConsumerService.aspx"/>
+  </SPSSODescriptor>
+  <Organization>
+    <OrganizationName xml:lang="en">itslearning</OrganizationName>
+    <OrganizationDisplayName xml:lang="en">itslearning</OrganizationDisplayName>
+    <OrganizationURL xml:lang="en">http://www.itslearning.eu</OrganizationURL>
+  </Organization>
+  <ContactPerson xml:lang="en" contactType="technical">
+    <EmailAddress>support@itslearning.com</EmailAddress>
+  </ContactPerson>
+  <ContactPerson xml:lang="en" contactType="support">
+    <EmailAddress>support@itslearning.com</EmailAddress>
+  </ContactPerson>
+</EntityDescriptor>
diff --git a/swamid-2.0/test.itslearning.com.xml b/swamid-2.0/test.itslearning.com.xml
new file mode 100644
index 00000000..06cd9ef8
--- /dev/null
+++ b/swamid-2.0/test.itslearning.com.xml
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="urn:mace:saml2v2.no:services:com.itslearning.test">
+  <Extensions>
+    <attr:EntityAttributes xmlns:attr="urn:oasis:names:tc:SAML:metadata:attribute">
+      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
+        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
+        <samla:AttributeValue>http://www.swamid.se/category/eu-adequate-protection</samla:AttributeValue>
+      </samla:Attribute>
+    </attr:EntityAttributes>
+  </Extensions>
+  <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <Extensions>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="en">itslearning</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">itslearning</mdui:DisplayName>
+        <mdui:Description xml:lang="en">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+        <mdui:Description xml:lang="sv">itslearning is a cloud-based LMS that connects people with passions, ideas, and each other.</mdui:Description>
+        <mdui:InformationURL xml:lang="sv">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="en">https://itslearning.com/global/higher-education/lms-overview/</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://itslearning.com/global/privacy-policy/</mdui:PrivacyStatementURL>
+      </mdui:UIInfo>
+    </Extensions>
+    <KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>MIIDSjCCAjKgAwIBAgIJANHlAs0Pmk6oMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJuaW5nLmNvbTAeFw0xMTA5MzAxMjExMzda
+Fw0yMTA5MjcxMjExMzdaMCYxJDAiBgNVBAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJu
+aW5nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOt9qnZRgl4E
+zl58ZnyfD9+LHqkEwFeG1Y74/MnUftwMOsMqsZL7tvCgIflx5K9YQ4oFZR8FSVu7
+ZSqp/93uP0iMymHCxqYl7raJnAzOCHdAorucV1Epyqf+Is0NfNYcFDlr/r4jPx7d
+GLjeKqkXwuvdctlLy56m5avaGgryzqwx5dB68WHOixY7ds63cx6412PXkiV2r5Ly
+JiwRU+FWfajgsXRG86LXqyFj2iwPbjcNHx6iKLQ+Q31gmZuwhIFpSwTB2+Gxkx9O
+l/b/c5C4eAuxHKjtS3IXgTxtYAKevLvd2OGGFoKAduodnaBJw2aQF5j/BUBhS/id
+K/pAnP3QNuECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ9dNm6hCTPor+EU
+TkkicbHDgscTMB8GA1UdIwQYMBaAFJ9dNm6hCTPor+EUTkkicbHDgscTMA0GCSqG
+SIb3DQEBBQUAA4IBAQCV8x7Ee10nAPNTHcT1NldwxzMiawBm3+nFLbbakNGlELno
+cPK6317hlwNcrXxsvitrm8atJj1SCnRhybN8+qNynytoz/9g+g0kCYcXkn17yoJV
+cBhcgn2gebMgy8m5o5/mtBSYSLJpkILZFUnsOvGU+dqBlnkmwgEWQNqvd8HMciPV
+pC6bXuEDApnz2Ma20sPgm5J1aWQMshJLh4aUj54qQjWlGgoUEaKJWRHkUqhPMFZ+
+pPxFefcnvS2BADNY6p7jdfy+/wYcNVq9BJlg2jcp12rv27D++qmyRxsRH+47L/xC
+L0Gxkp4Wyq0nkpjQ4E2v9nFsPiXf4kL8Cc7Oa87n</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>MIIDSjCCAjKgAwIBAgIJANHlAs0Pmk6oMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJuaW5nLmNvbTAeFw0xMTA5MzAxMjExMzda
+Fw0yMTA5MjcxMjExMzdaMCYxJDAiBgNVBAMTG3Rlc3QuZWxvZ2luLml0c2xlYXJu
+aW5nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOt9qnZRgl4E
+zl58ZnyfD9+LHqkEwFeG1Y74/MnUftwMOsMqsZL7tvCgIflx5K9YQ4oFZR8FSVu7
+ZSqp/93uP0iMymHCxqYl7raJnAzOCHdAorucV1Epyqf+Is0NfNYcFDlr/r4jPx7d
+GLjeKqkXwuvdctlLy56m5avaGgryzqwx5dB68WHOixY7ds63cx6412PXkiV2r5Ly
+JiwRU+FWfajgsXRG86LXqyFj2iwPbjcNHx6iKLQ+Q31gmZuwhIFpSwTB2+Gxkx9O
+l/b/c5C4eAuxHKjtS3IXgTxtYAKevLvd2OGGFoKAduodnaBJw2aQF5j/BUBhS/id
+K/pAnP3QNuECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ9dNm6hCTPor+EU
+TkkicbHDgscTMB8GA1UdIwQYMBaAFJ9dNm6hCTPor+EUTkkicbHDgscTMA0GCSqG
+SIb3DQEBBQUAA4IBAQCV8x7Ee10nAPNTHcT1NldwxzMiawBm3+nFLbbakNGlELno
+cPK6317hlwNcrXxsvitrm8atJj1SCnRhybN8+qNynytoz/9g+g0kCYcXkn17yoJV
+cBhcgn2gebMgy8m5o5/mtBSYSLJpkILZFUnsOvGU+dqBlnkmwgEWQNqvd8HMciPV
+pC6bXuEDApnz2Ma20sPgm5J1aWQMshJLh4aUj54qQjWlGgoUEaKJWRHkUqhPMFZ+
+pPxFefcnvS2BADNY6p7jdfy+/wYcNVq9BJlg2jcp12rv27D++qmyRxsRH+47L/xC
+L0Gxkp4Wyq0nkpjQ4E2v9nFsPiXf4kL8Cc7Oa87n</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+    </KeyDescriptor>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.itsltest.com/elogin/SingleLogoutHandler.aspx"/>
+    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.itsltest.com/elogin/AssertionConsumerService.aspx" index="0" isDefault="true"/>
+  </SPSSODescriptor>
+  <Organization>
+    <OrganizationName xml:lang="en">itslearning (test)</OrganizationName>
+    <OrganizationDisplayName xml:lang="en">itslearning (test)</OrganizationDisplayName>
+    <OrganizationURL xml:lang="en">http://www.itslearning.eu</OrganizationURL>
+  </Organization>
+  <ContactPerson xml:lang="en" contactType="technical">
+    <EmailAddress>support@itslearning.com</EmailAddress>
+  </ContactPerson>
+  <ContactPerson xml:lang="en" contactType="support">
+    <EmailAddress>support@itslearning.com</EmailAddress>
+  </ContactPerson>
+</EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 0bec31e8..2ce584a9 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -669,4 +669,6 @@
   <xi:include href="swamid-2.0/pingpong.hj.se-Shibboleth.sso-Metadata.xml"/>
   <xi:include href="swamid-2.0/redcap.ki.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/redcap.tst.ki.se-shibboleth.xml"/>
+  <xi:include href="swamid-2.0/itslearning.com.xml"/>
+  <xi:include href="swamid-2.0/test.itslearning.com.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From f67842e100231fec62d0114a7067e1f98eb5bb3a Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Wed, 27 Sep 2017 09:28:37 +0200
Subject: Added 1:st part of SWAMID-222

---
 ...st-rkh.pingpong.net-Shibboleth.sso-Metadata.xml | 42 ++++++++++++++++++++++
 swamid-sp-2.0.mxml                                 |  1 +
 2 files changed, 43 insertions(+)
 create mode 100644 swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml

diff --git a/swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml b/swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml
new file mode 100644
index 00000000..73d88ff9
--- /dev/null
+++ b/swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://test-rkh.pingpong.net/Shibboleth.sso/Metadata">
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+        <mdui:DisplayName xml:lang="sv">TEST-PING PONG vid RKH </mdui:DisplayName>
+        <mdui:DisplayName xml:lang="en">TEST-PING PONG at RKH </mdui:DisplayName>
+        <mdui:Description xml:lang="sv">TEST-versionen av Lärplattformen PING PONG vid Röda korsets högskola. </mdui:Description>
+        <mdui:Description xml:lang="en">TEST-versionen av The learning platform PING PONG at The Swedish Red Cross University College. </mdui:Description>
+        <mdui:Logo height="168" width="50">https://test-rkh.pingpong.net/login/pingpong-logo-168x50.png </mdui:Logo>
+        <mdui:Logo height="16" width="16">https://test-rkh.pingpong.net/login/pingpong-logo-16x16.png
+            </mdui:Logo>
+      </mdui:UIInfo>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://test-rkh.pingpong.net/Shibboleth.sso/Login"/>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:X509Data>
+          <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAMVvfL7J0nz+MA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFGtydXNiYXIucGluZ3BvbmcubmV0MB4XDTEyMDYyODE1MDYzMFoXDTIyMDYy
+NjE1MDYzMFowHzEdMBsGA1UEAxMUa3J1c2Jhci5waW5ncG9uZy5uZXQwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvh+Jg4oen/vUUGtx9eAaYY5rXtTFl
+1nMfq5x3XghdSV8uPg4bQ6VXw/9fZVTnAO3iFrF1LrfjuZWhZN2iL40nXfM1isSR
+mDZDF7CgqwsnoaVodgS/OyL9Q9iGOaXrM2lrN4ucuFAZcd3MUIrZjyBp3jtWkuTp
+T1VHnicxVWbT8VsjrWAdj1MUFv2IeWPP1it+4dwUDZrLqKhRWnFAo8zGHXiyO+aw
+U1Qb/52EShNykDHWBbtzgadLhPQzWQy5E457wvNVFbad0cc29vASufbIhzBGE/U3
+DdVI6jphpn5QMZfHhl9BLoqr9MJh1F1BRlL+HOcLXbQqg0JD/d1d7XAjAgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFGtydXNiYXIucGluZ3BvbmcubmV0MB0GA1UdDgQWBBQd
+qBIVHafXKIz/Jr3tdLtcKbzR8zANBgkqhkiG9w0BAQUFAAOCAQEAKYOuyj800ABK
+R99elNxsDEddcjmIJQbO5tAosETGVlyqqdWL2D1rtSw0CTQiaba5Ae/TcgR/fnOv
+1g3uBZA26iQPbzsKGKYsB21aUEPJO0ZVhTdcid1tS672fOIZf1Y8+hmNh1psAurp
+DNOpoBNLoM8S8P95Q7hM6xLM76D1R61q4kO3np/YLYwNQSsHnHddu8/9oJu5j7oV
+KGPGrSczPfxG4plIUxm5tzNkHqNyYQttKrXGqdtCdkwjtYxS48G/ba1XkR/+baMf
+D8OuFV1n1oNCM9fqRzlCOyA7ISZyMlfiMCP3HXs53AcrRAnUKYwkP6Q4dIPS3C4Y
+LaCAPwuThQ==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+    </md:KeyDescriptor>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-rkh.pingpong.net/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index 2ce584a9..b53c6bc5 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -671,4 +671,5 @@
   <xi:include href="swamid-2.0/redcap.tst.ki.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/itslearning.com.xml"/>
   <xi:include href="swamid-2.0/test.itslearning.com.xml"/>
+  <xi:include href="swamid-2.0/test-rkh.pingpong.net-Shibboleth.sso-Metadata.xml"/>
 </md:EntitiesDescriptor>
-- 
cgit v1.2.3


From ccd3573c9142670cd8dd0e2d64177b46120162ae Mon Sep 17 00:00:00 2001
From: Björn Mattsson <Bjorn.Mattsson@bth.se>
Date: Thu, 28 Sep 2017 11:06:51 +0200
Subject: Resolved SWAMID-223

---
 swamid-2.0/idp.hb.se-idp-shibboleth.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/swamid-2.0/idp.hb.se-idp-shibboleth.xml b/swamid-2.0/idp.hb.se-idp-shibboleth.xml
index 5454bc56..55143038 100644
--- a/swamid-2.0/idp.hb.se-idp-shibboleth.xml
+++ b/swamid-2.0/idp.hb.se-idp-shibboleth.xml
@@ -214,8 +214,8 @@ hdayeb3tw8qRMHjEVgFSXDHRlA==
   </Organization>
   <ContactPerson contactType="administrative">
     <Company>University of Borås</Company>
-    <SurName>IT-avdelningen</SurName>
-    <EmailAddress>mailto:it-avdelningen@hb.se</EmailAddress>
+    <SurName>Campus and IT services</SurName>
+    <EmailAddress>mailto:campusservice@hb.se</EmailAddress>
     <TelephoneNumber>+46 33 435 4690</TelephoneNumber>
   </ContactPerson>
   <ContactPerson contactType="technical">
@@ -226,8 +226,8 @@ hdayeb3tw8qRMHjEVgFSXDHRlA==
   </ContactPerson>
   <ContactPerson contactType="support">
     <Company>University of Borås</Company>
-    <SurName>IT-avdelningen</SurName>
-    <EmailAddress>mailto:it-avdelningen@hb.se</EmailAddress>
+    <SurName>Campus and IT services</SurName>
+    <EmailAddress>mailto:campusservice@hb.se</EmailAddress>
     <TelephoneNumber>+46 33 435 4690</TelephoneNumber>
   </ContactPerson>
 </EntityDescriptor>
-- 
cgit v1.2.3


From 43284a0dd42fbd3743a1cd2c10ee68630710252e Mon Sep 17 00:00:00 2001
From: Paul Scott <paul.scott@kau.se>
Date: Mon, 2 Oct 2017 12:36:27 +0200
Subject: Resolves SWAMIDOPS-225

---
 swamid-2.0/registrera.hb.se-shibboleth.xml  | 101 ----------------------------
 swamid-2.0/selfservice.hb.se-shibboleth.xml |  64 +++++++++---------
 swamid-sp-2.0.mxml                          |   1 -
 3 files changed, 32 insertions(+), 134 deletions(-)
 delete mode 100644 swamid-2.0/registrera.hb.se-shibboleth.xml

diff --git a/swamid-2.0/registrera.hb.se-shibboleth.xml b/swamid-2.0/registrera.hb.se-shibboleth.xml
deleted file mode 100644
index 9fdc2816..00000000
--- a/swamid-2.0/registrera.hb.se-shibboleth.xml
+++ /dev/null
@@ -1,101 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://registrera.hb.se/shibboleth">
-  <md:Extensions>
-    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
-      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
-        <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
-        <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
-        <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue>
-      </samla:Attribute>
-    </mdattr:EntityAttributes>
-  </md:Extensions>
-  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
-    <md:Extensions>
-      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
-        <mdui:DisplayName xml:lang="sv">HB Registrering</mdui:DisplayName>
-        <mdui:DisplayName xml:lang="en">HB Registration</mdui:DisplayName>
-        <mdui:Description xml:lang="sv">Studentportal för registrering och kontoskapande på Högskolan i Borås.</mdui:Description>
-        <mdui:Description xml:lang="en">Studentportal for registration and account creation at Högskolan i Borås.</mdui:Description>
-      </mdui:UIInfo>
-    </md:Extensions>
-    <md:KeyDescriptor use="signing">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:KeyName>registrera.hb.se</ds:KeyName>
-        <ds:KeyName>vm-registrera.hb.se</ds:KeyName>
-        <ds:X509Data>
-          <ds:X509SubjectName>CN=registrera.hb.se,OU=GF,O=H\C3\B6gskolan i Bor\C3\A5s,C=SE</ds:X509SubjectName>
-          <ds:X509Certificate>MIIECjCCAvKgAwIBAgIRAMRSDmNt6njEH0n9VYTNaVgwDQYJKoZIhvcNAQEFBQAw
-NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
-IFNTTCBDQTAeFw0wOTEyMTQwMDAwMDBaFw0xMjEyMTMyMzU5NTlaMFMxCzAJBgNV
-BAYTAlNFMRwwGgYDVQQKDBNIw7Znc2tvbGFuIGkgQm9yw6VzMQswCQYDVQQLEwJH
-RjEZMBcGA1UEAxMQcmVnaXN0cmVyYS5oYi5zZTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAyN72d/ptyFijjHr3r/6TzZUHYbBAxMBfLCLhBcTYUoSs1NmVfq4v
-j9Gg9o9p4YHNkciQ3IlG/gX6YpbhdVNVAwoer+NAAwv7kyh6pCPYs1/UbT2cNdt4
-+2pmVGYYvephTGdiPD/l6+eJ2MSLIjg1OPyLLIc55/QwckVZ+aNxG5UCAwEAAaOC
-AXgwggF0MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQW
-BBThMU05NRahK0xF+83OWb60YYywkDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
-BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzAN
-BgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50
-ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYB
-BQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0
-MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAwBgNVHREE
-KTAnghByZWdpc3RyZXJhLmhiLnNlghN2bS1yZWdpc3RyZXJhLmhiLnNlMA0GCSqG
-SIb3DQEBBQUAA4IBAQCb7n3q9y9pWZoFLkQTfjkf+/CmXKP2KqLYRDutieeAN7HG
-m4odw7GslpKCcl7wkrRRGRAMj0SIbKP8sQoBfTebL1tIM6Yj+Tba2Ew+u0aGnXpv
-YuBPTLErr2fkkk/ZcY4JeqB3FTqes195SZF8WVtxJeI88dFMjK9kOLA5CK2EE/bd
-y+LBcpEC8uLx4GF6FJl5eQbnrR25A+VDqkxY+UtAVX/3m+XIeIg6n70LvnFTJmy+
-MbcotK0FqbwSIN7oyLWe5SjUSkrf/LAD/R3CXyGZvcGuUx3cX1ur7exlKMun6/lP
-Ni1kp0+3QaewFNePHmM8yl2mPmQulTWmlzOZN9ue
-</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </md:KeyDescriptor>
-    <md:KeyDescriptor use="encryption">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:KeyName>registrera.hb.se</ds:KeyName>
-        <ds:KeyName>vm-registrera.hb.se</ds:KeyName>
-        <ds:X509Data>
-          <ds:X509SubjectName>CN=registrera.hb.se,OU=GF,O=H\C3\B6gskolan i Bor\C3\A5s,C=SE</ds:X509SubjectName>
-          <ds:X509Certificate>MIIECjCCAvKgAwIBAgIRAMRSDmNt6njEH0n9VYTNaVgwDQYJKoZIhvcNAQEFBQAw
-NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
-IFNTTCBDQTAeFw0wOTEyMTQwMDAwMDBaFw0xMjEyMTMyMzU5NTlaMFMxCzAJBgNV
-BAYTAlNFMRwwGgYDVQQKDBNIw7Znc2tvbGFuIGkgQm9yw6VzMQswCQYDVQQLEwJH
-RjEZMBcGA1UEAxMQcmVnaXN0cmVyYS5oYi5zZTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAyN72d/ptyFijjHr3r/6TzZUHYbBAxMBfLCLhBcTYUoSs1NmVfq4v
-j9Gg9o9p4YHNkciQ3IlG/gX6YpbhdVNVAwoer+NAAwv7kyh6pCPYs1/UbT2cNdt4
-+2pmVGYYvephTGdiPD/l6+eJ2MSLIjg1OPyLLIc55/QwckVZ+aNxG5UCAwEAAaOC
-AXgwggF0MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQW
-BBThMU05NRahK0xF+83OWb60YYywkDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
-BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzAN
-BgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50
-ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYB
-BQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0
-MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAwBgNVHREE
-KTAnghByZWdpc3RyZXJhLmhiLnNlghN2bS1yZWdpc3RyZXJhLmhiLnNlMA0GCSqG
-SIb3DQEBBQUAA4IBAQCb7n3q9y9pWZoFLkQTfjkf+/CmXKP2KqLYRDutieeAN7HG
-m4odw7GslpKCcl7wkrRRGRAMj0SIbKP8sQoBfTebL1tIM6Yj+Tba2Ew+u0aGnXpv
-YuBPTLErr2fkkk/ZcY4JeqB3FTqes195SZF8WVtxJeI88dFMjK9kOLA5CK2EE/bd
-y+LBcpEC8uLx4GF6FJl5eQbnrR25A+VDqkxY+UtAVX/3m+XIeIg6n70LvnFTJmy+
-MbcotK0FqbwSIN7oyLWe5SjUSkrf/LAD/R3CXyGZvcGuUx3cX1ur7exlKMun6/lP
-Ni1kp0+3QaewFNePHmM8yl2mPmQulTWmlzOZN9ue
-</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </md:KeyDescriptor>
-    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SLO/POST"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Artifact"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/NIM/SOAP"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/NIM/Redirect"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/NIM/POST"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/NIM/Artifact"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://registrera.hb.se/Shibboleth.sso/SAML/POST" index="5"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://registrera.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/>
-  </md:SPSSODescriptor>
-</md:EntityDescriptor>
diff --git a/swamid-2.0/selfservice.hb.se-shibboleth.xml b/swamid-2.0/selfservice.hb.se-shibboleth.xml
index 597d31e9..ebf94887 100644
--- a/swamid-2.0/selfservice.hb.se-shibboleth.xml
+++ b/swamid-2.0/selfservice.hb.se-shibboleth.xml
@@ -1,22 +1,22 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://selfservice.hb.se/Shibboleth">
-  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  <md:Extensions>
+    <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
     <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
       <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
         <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
@@ -32,18 +32,18 @@
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://selfservice.hb.se/Shibboleth.sso/DS/ds.swamid.se"/>
       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://selfservice.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://selfservice.hb.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/>
-      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://registrera.hb.se/Shibboleth.sso/Login"/>
-      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://registrera.hb.se/Shibboleth.sso/Login" index="1"/>
-      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://registrera.hb.se/Shibboleth.sso/DS/ds.swamid.se"/>
-      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://registrera.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/>
-      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://registrera.hb.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/Login"/>
       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://konto.hb.se/Shibboleth.sso/Login" index="1"/>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/DS/ds.swamid.se"/>
       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://konto.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://admin.konto.hb.se/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://admin.konto.hb.se/Shibboleth.sso/Login" index="1"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://admin.konto.hb.se/Shibboleth.sso/DS/ds.swamid.se"/>
+      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://admin.konto.hb.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/WAYF/shibboleth.antagning.se"/>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/WAYF/login.idp.eduid.se"/>
       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://konto.hb.se/Shibboleth.sso/https://idp.hb.se/idp/profile/Shibboleth/SSO"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://admin.konto.hb.se/Shibboleth.sso/https://idp.hb.se/idp/profile/Shibboleth/SSO"/>
       <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
         <mdui:DisplayName xml:lang="sv">HB SelfService</mdui:DisplayName>
         <mdui:DisplayName xml:lang="en">HB SelfService</mdui:DisplayName>
@@ -86,34 +86,34 @@ JiEYVlHMJBAwzl9O8U5S35FL0p5iFCCIEvwgoNzeaktYyd0JXC847Y75LM1RcA==
       <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://selfservice.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
-    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://konto.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://admin.konto.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/SOAP"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/Redirect"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/POST"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://selfservice.hb.se/Shibboleth.sso/SLO/Artifact"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SLO/POST"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Artifact"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://konto.hb.se/Shibboleth.sso/SLO/SOAP"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://konto.hb.se/Shibboleth.sso/SLO/Redirect"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hb.se/Shibboleth.sso/SLO/POST"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://konto.hb.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://admin.konto.hb.se/Shibboleth.sso/SLO/Artifact"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://selfservice.hb.se/Shibboleth.sso/SAML2/POST" index="1"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://selfservice.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://selfservice.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://selfservice.hb.se/Shibboleth.sso/SAML/POST" index="5"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://selfservice.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://registrera.hb.se/Shibboleth.sso/SAML/POST" index="5"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://registrera.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://konto.hb.se/Shibboleth.sso/SAML2/POST" index="1"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://konto.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://konto.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://konto.hb.se/Shibboleth.sso/SAML/POST" index="5"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://konto.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://admin.konto.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/>
   </md:SPSSODescriptor>
 </md:EntityDescriptor>
diff --git a/swamid-sp-2.0.mxml b/swamid-sp-2.0.mxml
index b53c6bc5..108b6f6a 100644
--- a/swamid-sp-2.0.mxml
+++ b/swamid-sp-2.0.mxml
@@ -67,7 +67,6 @@
   <xi:include href="swamid-2.0/accountcheckout.lnu.se.xml"/>
   <xi:include href="swamid-2.0/umdac-stdout.umdc.umu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/account-test.unit.liu.se-shibboleth-sp.xml"/>
-  <xi:include href="swamid-2.0/registrera.hb.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/aktivering.db.umu.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/nyainloggning.slu.se-shibboleth-sp.xml"/>
   <xi:include href="swamid-2.0/webapp-utv.ita.mdh.se-shibboleth.xml"/>
-- 
cgit v1.2.3