From aabc620b767e62550d244c2fa182ab0ab22e2fdc Mon Sep 17 00:00:00 2001
From: Paul Scott
Date: Tue, 15 Mar 2016 08:27:44 +0100
Subject: Back out SH IdP while Tomas Legat troubleshoots
---
swamid-2.0/idp.suni.se-adfs-services-trust.xml | 678 +------------------------
1 file changed, 14 insertions(+), 664 deletions(-)
diff --git a/swamid-2.0/idp.suni.se-adfs-services-trust.xml b/swamid-2.0/idp.suni.se-adfs-services-trust.xml
index 103f92de..bbb025b1 100644
--- a/swamid-2.0/idp.suni.se-adfs-services-trust.xml
+++ b/swamid-2.0/idp.suni.se-adfs-services-trust.xml
@@ -1,625 +1,11 @@ - - - - - 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 - - - - - - E-Mail Address - The e-mail address of the user - - - Given Name - The given name of the user - - - Name - The unique name of the user - - - UPN - The user principal name (UPN) of the user - - - Common Name - The common name of the user - - - AD FS 1.x E-Mail Address - The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0 - - - Group - A group that the user is a member of - - - AD FS 1.x UPN - The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0 - - - Role - A role that the user has - - - Surname - The surname of the user - - - PPID - The private identifier of the user - - - Name ID - The SAML name identifier of the user - - - Authentication time stamp - Used to display the time and date that the user was authenticated - - - Authentication method - The method used to authenticate the user - - - Deny only group SID - The deny-only group SID of the user - - - Deny only primary SID - The deny-only primary SID of the user - - - Deny only primary group SID - The deny-only primary group SID of the user - - - Group SID - The group SID of the user - - - Primary group SID - The primary group SID of the user - - - Primary SID - The primary SID of the user - - - Windows account name - The domain account name of the user in the form of domain\user - - - Is Registered User - User is registered to use this device - - - Device Identifier - Identifier of the device - - - Device Registration Identifier - Identifier for Device Registration - - - Device Registration DisplayName - Display name of Device Registration - - - Device OS type - OS type of the device - - - Device OS Version - OS version of the device - - - Is Managed Device - Device is managed by a management service - - - Forwarded Client IP - IP address of the user - - - Client Application - Type of the Client Application - - - Client User Agent - Device type the client is using to access 
the application - - - Client IP - IP address of the client - - - Endpoint Path - Absolute Endpoint path which can be used to determine active versus passive clients - - - Proxy - DNS name of the federation server proxy that passed the request - - - Application Identifier - Identifier for the Relying Party - - - Application policies - Application policies of the certificate - - - Authority Key Identifier - The Authority Key Identifier extension of the certificate that signed an issued certificate - - - Basic Constraint - One of the basic constraints of the certificate - - - Enhanced Key Usage - Describes one of the enhanced key usages of the certificate - - - Issuer - The name of the certificate authority that issued the X.509 certificate - - - Issuer Name - The distinguished name of the certificate issuer - - - Key Usage - One of the key usages of the certificate - - - Not After - Date in local time after which a certificate is no longer valid - - - Not Before - The date in local time on which a certificate becomes valid - - - Certificate Policies - The policies under which the certificate has been issued - - - Public Key - Public Key of the certificate - - - Certificate Raw Data - The raw data of the certificate - - - Subject Alternative Name - One of the alternative names of the certificate - - - Serial Number - The serial number of a certificate - - - Signature Algorithm - The algorithm used to create the signature of a certificate - - - Subject - The subject from the certificate - - - Subject Key Identifier - Describes the subject key identifier of the certificate - - - Subject Name - The subject distinguished name from a certificate - - - V2 Template Name - The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. - - - V1 Template Name - The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. 
- - - Thumbprint - Thumbprint of the certificate - - - X.509 Version - The X.509 format version of a certificate - - - Inside Corporate Network - Used to indicate if a request originated inside corporate network - - - Password Expiration Time - Used to display the time when the password expires - - - Password Expiration Days - Used to display the number of days to password expiry - - - Update Password URL - Used to display the web address of update password service - - - Authentication Methods References - Used to indicate all authentication methods used to authenticate the user - - - Client Request ID - Identifier for a user session - - - Alternate Login ID - Alternate login ID of the user - - - norEduPersonNIN - - - - -
https://idp.suni.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256
-
- -
https://idp.suni.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256
-
- -
https://idp.suni.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256
-
- -
https://idp.suni.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256
-
- -
https://idp.suni.se/adfs/ls/
-
- -
https://idp.suni.se/adfs/services/trust
-
-
- - -
https://idp.suni.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256
-
-
- - -
https://idp.suni.se/adfs/ls/
-
-
-
- - - - - 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 - - - - - - - - - - E-Mail Address - The e-mail address of the user - - - Given Name - The given name of the user - - - Name - The unique name of the user - - - UPN - The user principal name (UPN) of the user - - - Common Name - The common name of the user - - - AD FS 1.x E-Mail Address - The e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0 - - - Group - A group that the user is a member of - - - AD FS 1.x UPN - The UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0 - - - Role - A role that the user has - - - Surname - The surname of the user - - - PPID - The private identifier of the user - - - Name ID - The SAML name identifier of the user - - - Authentication time stamp - Used to display the time and date that the user was authenticated - - - Authentication method - The method used to authenticate the user - - - Deny only group SID - The deny-only group SID of the user - - - Deny only primary SID - The deny-only primary SID of the user - - - Deny only primary group SID - The deny-only primary group SID of the user - - - Group SID - The group SID of the user - - - Primary group SID - The primary group SID of the user - - - Primary SID - The primary SID of the user - - - Windows account name - The domain account name of the user in the form of domain\user - - - Is Registered User - User is registered to use this device - - - Device Identifier - Identifier of the device - - - Device Registration Identifier - Identifier for Device Registration - - - Device Registration DisplayName - Display name of Device Registration - - - Device OS type - OS type of the device - - - Device OS Version - OS version of the device - - - Is Managed Device - Device is managed by a management service - - - Forwarded Client IP - IP address of the user - - - Client Application - Type of the Client Application - - - Client User Agent - Device type the client is using to access the 
application - - - Client IP - IP address of the client - - - Endpoint Path - Absolute Endpoint path which can be used to determine active versus passive clients - - - Proxy - DNS name of the federation server proxy that passed the request - - - Application Identifier - Identifier for the Relying Party - - - Application policies - Application policies of the certificate - - - Authority Key Identifier - The Authority Key Identifier extension of the certificate that signed an issued certificate - - - Basic Constraint - One of the basic constraints of the certificate - - - Enhanced Key Usage - Describes one of the enhanced key usages of the certificate - - - Issuer - The name of the certificate authority that issued the X.509 certificate - - - Issuer Name - The distinguished name of the certificate issuer - - - Key Usage - One of the key usages of the certificate - - - Not After - Date in local time after which a certificate is no longer valid - - - Not Before - The date in local time on which a certificate becomes valid - - - Certificate Policies - The policies under which the certificate has been issued - - - Public Key - Public Key of the certificate - - - Certificate Raw Data - The raw data of the certificate - - - Subject Alternative Name - One of the alternative names of the certificate - - - Serial Number - The serial number of a certificate - - - Signature Algorithm - The algorithm used to create the signature of a certificate - - - Subject - The subject from the certificate - - - Subject Key Identifier - Describes the subject key identifier of the certificate - - - Subject Name - The subject distinguished name from a certificate - - - V2 Template Name - The name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. - - - V1 Template Name - The name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific. 
- - - Thumbprint - Thumbprint of the certificate - - - X.509 Version - The X.509 format version of a certificate - - - Inside Corporate Network - Used to indicate if a request originated inside corporate network - - - Password Expiration Time - Used to display the time when the password expires - - - Password Expiration Days - Used to display the number of days to password expiry - - - Update Password URL - Used to display the web address of update password service - - - Authentication Methods References - Used to indicate all authentication methods used to authenticate the user - - - Client Request ID - Identifier for a user session - - - Alternate Login ID - Alternate login ID of the user - - - norEduPersonNIN - - - - -
https://idp.suni.se/adfs/services/trust/2005/certificatemixed
- - - - -
https://idp.suni.se/adfs/services/trust/mex
-
-
-
-
-
-
- - -
https://idp.suni.se/adfs/ls/
-
-
-
- - - - - 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 - - - - - - - MIIEYzCCA0ugAwIBAgIQZHPOuyVURJge5wdOa1kfEzANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTE0MDMxMTAwMDAwMFoXDTE3MDQzMDIzNTk1OVowOTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQDEwtpZHAuc3VuaS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB0RS/jwsLGyG8DB8mIqgzTcEwb5P/7y9beizxgvlJc3dbauQogUIwZtsUn2q7qbV5h66c68bl8fi+JhtJYWXXu/rA9d6i4cQSdKXJPTMAss2ZobcRmnVSDrj0ZTJ5+JBe+fuYI3cDaLy5rGz9PcgxqINcjM4wW01pKjnZzrVqbJ1dsSfWzU5AkMwVS+10UjQYLSeHg/2PAgfDRovqTqTfMpF16DXwx+OcqnJY2yN0JcpVggQNOE9a4y9L6qe0SYbbTlqbrlrz/X+0e4gQ8sjif4PdB4AXVb0dP9D3pjfLXim8leVarNN2knOPZmmFYWKEBNS5KHlkSnHFIyNFof3UCAwEAAaOCAWgwggFkMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBT3yAYidugFyhjhPMuNGIu6pA6hfzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwFgYDVR0RBA8wDYILaWRwLnN1bmkuc2UwDQYJKoZIhvcNAQEFBQADggEBAAdzCLw9BLbfTeYy0fLEWT4nrH5oBJ7G1Si/vdf8dvQlUF8gbtizKI/c7871smaPHge5DdwUwY9vqRkRrzeiM/mGUSgUCkN56Y17eTzmbvRQ6EPjpiZ/dlTBycedq2TmnxLM1VbO9Xx3rK07YdSdDn+y+n4GNJlL4NCED/rVDdsEBoy+nmztLLolGztRZPv8xLbCdE2vompEA7sbDsBv4hNCjsuVSCt8FlX3rz3uqaaNcG3r5tQ8VHtrQ7xCCRScSfoYoI0sgwE5BtThwDAi1arLp/tHN5Ow500zq4m8LZEdmGBZ56M3kIHEn1n8UOUlCMWYtYw1rIhX9FYyT8Dn2bY= - - - - - - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - - - - + + suni.se + - suni.se + suni.se @@ -635,13 +21,13 @@ - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:2.0:nameid-format:transient + 
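Review bot: Nothing in the file itself records that the short entity left by the first hunk is a temporary back-out, so a later maintainer cannot tell from the metadata which state is authoritative. The removed side is the AD FS export (the `/adfs/services/trust/...` endpoints and the AD FS claim descriptions), and the commit subject says it is withdrawn only while troubleshooting continues. I would add an XML comment at the top of the file along the lines of `<!-- Temporary back-out of the AD FS export (2016-03-15); confirm the signing certificate with the IdP operator before re-importing -->`. The markup on the new side is not readable in this view, so whether the retained entity still carries the key that relying parties should trust needs checking against the file itself.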
@@ -664,50 +50,14 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + Södertörns högskola @@ -717,7 +67,7 @@ Tomas Legat - tomas.legat@sh.se - 08-6084000 + mailto:server@sh.se + +46(0)86084000
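Review bot: The new telephone value `+46(0)86084000` in the last hunk mixes the international prefix with the national trunk zero, which is ambiguous to dial from abroad; `+46 8 608 40 00` would be the unambiguous form of the removed `08-6084000`. The e-mail change to `mailto:server@sh.se` puts a shared mailbox under a contact whose name line still reads `Tomas Legat` (unchanged context), so it is worth confirming that pairing is intended. The contact element's type is not visible in this view.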
-- cgit v1.2.3