From e5b3f713d959a7af8fbe9ed83078d9cf74873a33 Mon Sep 17 00:00:00 2001 From: Leif Johansson <leifj@sunet.se> Date: Tue, 15 Feb 2011 14:37:15 +0100 Subject: resolves SWAMIDOPS-6179 --- swamid-1.0.mxml | 1 + swamid-1.0/idp.irf.se.xml | 118 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 119 insertions(+) create mode 100644 swamid-1.0/idp.irf.se.xml diff --git a/swamid-1.0.mxml b/swamid-1.0.mxml index 055fc27a..a5a12334 100644 --- a/swamid-1.0.mxml +++ b/swamid-1.0.mxml @@ -162,4 +162,5 @@ <xi:include href="swamid-1.0/idp2.hig.se.xml"/> <xi:include href="swamid-1.0/login.du.se.xml"/> <xi:include href="nya-1.0/www.antagning.se.xml"/> + <xi:include href="swamid-1.0/idp.irf.se.xml"/> </EntitiesDescriptor> diff --git a/swamid-1.0/idp.irf.se.xml b/swamid-1.0/idp.irf.se.xml new file mode 100644 index 00000000..eb4200c0 --- /dev/null +++ b/swamid-1.0/idp.irf.se.xml @@ -0,0 +1,118 @@ +<EntityDescriptor entityID="https://idp.irf.se/idp/shibboleth" + xmlns="urn:oasis:names:tc:SAML:2.0:metadata" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + + <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> + + <Extensions> + <shibmd:Scope regexp="false">irf.se</shibmd:Scope> + </Extensions> + + <KeyDescriptor> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDFDCCAfygAwIBAgIVAPBjklkGoYOts1Thq2Tib2SW7KLrMA0GCSqGSIb3DQEB +BQUAMBUxEzARBgNVBAMTCmlkcC5pcmYuc2UwHhcNMTEwMjE1MDgwODE2WhcNMTQw +MjE1MDgwODE2WjAVMRMwEQYDVQQDEwppZHAuaXJmLnNlMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAjjNXbUusdmeG5NOtfesU+e9bWSNnjakDy738JFRd +1gOEHC5WRiQDpD0PLBNotYz3yxrtq9mv/pJ5zc83JpO9C99sNpsehdhhAdUscl1c +BaGpv9RuL/5IHttH2JPEP5Evj4Txp+Cxl9c1C47mUT2BVdDbu24aSrSd+x9tKVs/ +u2rmaRrBFshPe1n6h8pLedI3nEmPNIMh+qklkpG3TWS13KLYZkX5yDahCOcEGe1P +IjTB75Z8CWUiKCOB3vk2YtcCS7y4bZ23KYcNPUF88Dfkmxjg6LsCfzBfaVKKWdTD +cEeSmu8Q3SUA6s6NRdgl1TZzr7VUvG7SGqEZmwf+e/ZGVwIDAQABo1swWTA4BgNV +HREEMTAvggppZHAuaXJmLnNlhiFodHRwczovL2lkcC5pcmYuc2UvaWRwL3NoaWJi +b2xldGgwHQYDVR0OBBYEFFSIYI0CtNOkIx0HH4EyfiV5rQaTMA0GCSqGSIb3DQEB +BQUAA4IBAQAEiYbUXCNu1kTFfRSYeD02223t1YYmBSUjzvOnKrpJQbyRKxl7hwTp +baTmxKu4n8wawUSTzlD8tpZe2wKbAAoE7K2TO89uAKLwTUj3V/oh5qy40DVxNOm7 +9tjhkt0ZVOvFdlBxw+LA/mYTg0H6IcqIcpXEgBenVXK1/RDT5ZEyDT0K/1Badyii +mYoOgJsxQc5+NrGhkqSnw4kSwH5seBEqs5eq/260BjFErYuMvWbElxnMkh/FUJ4T +F84dF7JlnXcS7kJj9sVwzWyEzR4GlpZQLTuucQqAWabMtOe8VDBkTIAj5xdNJgZp +dJt1/U0DjbFQsA/iA4d9R6U7wKQ6rbi2 + + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" + Location="https://idp.irf.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" + index="1"/> + + <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + Location="https://idp.irf.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" + index="2"/> + + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + + <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" + Location="https://idp.irf.se/idp/profile/Shibboleth/SSO" /> + + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" + Location="https://idp.irf.se/idp/profile/SAML2/POST/SSO" /> + + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" + Location="https://idp.irf.se/idp/profile/SAML2/POST-SimpleSign/SSO" /> + + <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + Location="https://idp.irf.se/idp/profile/SAML2/Redirect/SSO" /> + </IDPSSODescriptor> + + <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> + + <Extensions> + <shibmd:Scope regexp="false">irf.se</shibmd:Scope> + </Extensions> + + <KeyDescriptor> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate> +MIIDFDCCAfygAwIBAgIVAPBjklkGoYOts1Thq2Tib2SW7KLrMA0GCSqGSIb3DQEB +BQUAMBUxEzARBgNVBAMTCmlkcC5pcmYuc2UwHhcNMTEwMjE1MDgwODE2WhcNMTQw +MjE1MDgwODE2WjAVMRMwEQYDVQQDEwppZHAuaXJmLnNlMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAjjNXbUusdmeG5NOtfesU+e9bWSNnjakDy738JFRd +1gOEHC5WRiQDpD0PLBNotYz3yxrtq9mv/pJ5zc83JpO9C99sNpsehdhhAdUscl1c +BaGpv9RuL/5IHttH2JPEP5Evj4Txp+Cxl9c1C47mUT2BVdDbu24aSrSd+x9tKVs/ +u2rmaRrBFshPe1n6h8pLedI3nEmPNIMh+qklkpG3TWS13KLYZkX5yDahCOcEGe1P +IjTB75Z8CWUiKCOB3vk2YtcCS7y4bZ23KYcNPUF88Dfkmxjg6LsCfzBfaVKKWdTD +cEeSmu8Q3SUA6s6NRdgl1TZzr7VUvG7SGqEZmwf+e/ZGVwIDAQABo1swWTA4BgNV +HREEMTAvggppZHAuaXJmLnNlhiFodHRwczovL2lkcC5pcmYuc2UvaWRwL3NoaWJi +b2xldGgwHQYDVR0OBBYEFFSIYI0CtNOkIx0HH4EyfiV5rQaTMA0GCSqGSIb3DQEB +BQUAA4IBAQAEiYbUXCNu1kTFfRSYeD02223t1YYmBSUjzvOnKrpJQbyRKxl7hwTp +baTmxKu4n8wawUSTzlD8tpZe2wKbAAoE7K2TO89uAKLwTUj3V/oh5qy40DVxNOm7 +9tjhkt0ZVOvFdlBxw+LA/mYTg0H6IcqIcpXEgBenVXK1/RDT5ZEyDT0K/1Badyii +mYoOgJsxQc5+NrGhkqSnw4kSwH5seBEqs5eq/260BjFErYuMvWbElxnMkh/FUJ4T +F84dF7JlnXcS7kJj9sVwzWyEzR4GlpZQLTuucQqAWabMtOe8VDBkTIAj5xdNJgZp +dJt1/U0DjbFQsA/iA4d9R6U7wKQ6rbi2 + + </ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </KeyDescriptor> + + <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" + Location="https://idp.irf.se:8443/idp/profile/SAML1/SOAP/AttributeQuery" /> + + <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" + Location="https://idp.irf.se:8443/idp/profile/SAML2/SOAP/AttributeQuery" /> + + <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> + <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> + + </AttributeAuthorityDescriptor> + <Organization> + <OrganizationName xml:lang="en">IRFTEST</OrganizationName> + <OrganizationDisplayName xml:lang="en">Institutet för Rymdfysik (TEST)</OrganizationDisplayName> + <OrganizationURL xml:lang="en">http://www.irf.se</OrganizationURL> + </Organization> + <ContactPerson contactType="technical"> + <GivenName>Mats</GivenName> + <SurName>Luspa</SurName> + <EmailAddress>matsl@irf.se</EmailAddress> + </ContactPerson> + +</EntityDescriptor> -- cgit v1.2.3