<?xml version="1.0" encoding="UTF-8"?> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://uat-adfs.geant.net/adfs/services/trust"> <!-- This is a ADFS SP for GÉANT Limited. --> <Extensions> <mdrpi:RegistrationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" registrationAuthority="http://ukfederation.org.uk" registrationInstant="2014-02-11T17:06:35Z"> <mdrpi:RegistrationPolicy xml:lang="en">http://ukfederation.org.uk/doc/mdrps-20130902</mdrpi:RegistrationPolicy> </mdrpi:RegistrationInfo> </Extensions> <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> <mdui:DisplayName xml:lang="en">GÉANT ADFS (User Acceptance Test)</mdui:DisplayName> <mdui:Description xml:lang="en">Active Directory Federation Service (UAT) for GÉANT Intranet.</mdui:Description> </mdui:UIInfo> </Extensions> <KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate> MIIIojCCB4qgAwIBAgIQfoxrYI8bPClvLVhlQwiU/zANBgkqhkiG9w0BAQUFADA2 MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg U1NMIENBMB4XDTE0MDIwNDAwMDAwMFoXDTE3MDIwMzIzNTk1OVowPzEhMB8GA1UE CxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRowGAYDVQQDExF1YXQtd3d3Lmdl YW50Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5OW7kGWzND Q5/5RlPlHElH9zXF1L53YVLmi7PCVGgRcUW9X5EH/9obrP4c0MzdlGbC7RYf+9mK 77P1ApSlTi00FA7LS4Wf5JythfHvs1YqJQRz1RU8r+AFV4p65UpafSKnk8mx0vcb KcOyo5cMUhhAt72v8rMzMXlNQk9+tM5liLdwOViLUJCRp6ZbwPj2gt+MDWzV8jC3 MWmK7OSW19FNOzj3yMlrTnUDDu1J5R8/ICocUzrRDAyq4PdtbAWu2UdbZdfu/ISi Wg7w1CGIhWJMgM4bzZLl02KCo3yEtvLvRuH6u1JUlqFtbV1pDNQ4dW4rrmWuNWgx hWP0Vh5vWdsCAwEAAaOCBaEwggWdMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdX R+qQ47ntMB0GA1UdDgQWBBT8CQHkvrrktHXoJLNb7Az5h7kqTTAOBgNVHQ8BAf8E BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMw MTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5j cmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50 ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29j c3AudGNzLnRlcmVuYS5vcmcwggRNBgNVHREEggREMIIEQIIRdWF0LXd3dy5nZWFu dC5uZXSCEnVhdC1hZGZzLmRhbnRlLm5ldIISdWF0LWFkZnMuZ2VhbnQubmV0ghV1 YXQtYXJjaGl2ZS5kYW50ZS5uZXSCFnVhdC1hdXRvYmFobi5nZWFudC5uZXSCEXVh dC1ib2QuZ2VhbnQubmV0ghN1YXQtY2FyZW4uZGFudGUubmV0ghN1YXQtY2xvdWQu Z2VhbnQubmV0ghR1YXQtY2xvdWRzLmdlYW50Lm5ldIISdWF0LWNuaXMuZ2VhbnQu bmV0ghd1YXQtY29tbXVuaXR5LmRhbnRlLm5ldIIXdWF0LWNvbW11bml0eS5nZWFu dC5uZXSCEHVhdC1lYy5kYW50ZS5uZXSCEHVhdC1lYy5nZWFudC5uZXSCFXVhdC1l ZHVjb25mLmdlYW50Lm5ldIIVdWF0LWVkdWdhaW4uZ2VhbnQubmV0ghV1YXQtZWR1 cGVydC5nZWFudC5uZXSCFHVhdC1lZHVwa2kuZ2VhbnQubmV0ghB1YXQtZXUuZGFu dGUubmV0ghB1YXQtZXUuZ2VhbnQubmV0giV1YXQtZ2VhbnQzLWludHJhbmV0LmFy Y2hpdmUuZ2VhbnQubmV0ghx1YXQtZ2VhbnQzLmFyY2hpdmUuZ2VhbnQubmV0ghJ1 YXQtZ2lkcC5nZWFudC5uZXSCFXVhdC1pLXNoYXJlLmdlYW50Lm5ldIIddWF0LWlu dHJhbmV0LmFmcmljYWNvbm5lY3QuZXWCHHVhdC1pbnRyYW5ldC5jYXJlbi5kYW50 ZS5uZXSCFnVhdC1pbnRyYW5ldC5kYW50ZS5uZXSCHnVhdC1pbnRyYW5ldC5ldW1l ZGNvbm5lY3QzLm5ldIIWdWF0LWludHJhbmV0LmdlYW50Lm5ldIIWdWF0LWludHJh bmV0LnRlaW4zLm5ldIISdWF0LW1kc2QuZ2VhbnQubmV0ghJ1YXQtbmV3cy5kYW50 ZS5uZXSCEnVhdC1uZXdzLmdlYW50Lm5ldIIVdWF0LXBhcnRuZXIuZ2VhbnQubmV0 ghd1YXQtcGVyZnNvbmFyLmdlYW50Lm5ldIIRdWF0LXBsbS5nZWFudC5uZXSCFnVh dC1zZXJ2aWNlcy5nZWFudC5uZXSCGHVhdC13YXZlbGVuZ3RoLmdlYW50Lm5ldIIW dWF0LXdlYmxvZ2luLmRhbnRlLm5ldIIWdWF0LXdlYmxvZ2luLmdlYW50Lm5ldIIX dWF0LXdlYmxvZ2luMi5kYW50ZS5uZXSCF3VhdC13ZWJsb2dpbjIuZ2VhbnQubmV0 ghh1YXQtd3d3LmFmcmljYWNvbm5lY3QuZXWCEXVhdC13d3cuZGFudGUubmV0ghl1 YXQtd3d3LmV1bWVkY29ubmVjdDMubmV0ghV1YXQtd3d3LmdlYW50b3Blbi5uZXSC EXVhdC13d3cudGVpbjMubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQCBhFhaVetfTvO6 i09vIxNWRlO5kFxXzeVDuHbm351hshNBdkKn+wIynpGOr55RrbO9N3DeupyxD7yL bAOmoo72KXi1hfWfHavmKEn4eYbkvGfa6tWhudLWUg53R2ddXFlEpjR476Ydw4K0 GxbHcI1+XRKqrKEaxbqxhonQL98tW3QPLMTApJgQ4pyP3WY/jTW4B24Y7mrVNIIq eTvZVDJJOberCcq9MDxZsF5RYOeVgKpkuT8XbDr4xKXkgmmGRsMx3eRKntEj7EfC 0eNbLLVlydzw/rOP2UPXDsSmb8DEUMD12OSi+Nq7/0MBgmYtNqesmiqI2cxmjIE9 MuFyz7mc </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </KeyDescriptor> <KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate> MIIIojCCB4qgAwIBAgIQfoxrYI8bPClvLVhlQwiU/zANBgkqhkiG9w0BAQUFADA2 MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg U1NMIENBMB4XDTE0MDIwNDAwMDAwMFoXDTE3MDIwMzIzNTk1OVowPzEhMB8GA1UE CxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRowGAYDVQQDExF1YXQtd3d3Lmdl YW50Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5OW7kGWzND Q5/5RlPlHElH9zXF1L53YVLmi7PCVGgRcUW9X5EH/9obrP4c0MzdlGbC7RYf+9mK 77P1ApSlTi00FA7LS4Wf5JythfHvs1YqJQRz1RU8r+AFV4p65UpafSKnk8mx0vcb KcOyo5cMUhhAt72v8rMzMXlNQk9+tM5liLdwOViLUJCRp6ZbwPj2gt+MDWzV8jC3 MWmK7OSW19FNOzj3yMlrTnUDDu1J5R8/ICocUzrRDAyq4PdtbAWu2UdbZdfu/ISi Wg7w1CGIhWJMgM4bzZLl02KCo3yEtvLvRuH6u1JUlqFtbV1pDNQ4dW4rrmWuNWgx hWP0Vh5vWdsCAwEAAaOCBaEwggWdMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdX R+qQ47ntMB0GA1UdDgQWBBT8CQHkvrrktHXoJLNb7Az5h7kqTTAOBgNVHQ8BAf8E BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0fBDMw MTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5j cmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50 ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29j c3AudGNzLnRlcmVuYS5vcmcwggRNBgNVHREEggREMIIEQIIRdWF0LXd3dy5nZWFu dC5uZXSCEnVhdC1hZGZzLmRhbnRlLm5ldIISdWF0LWFkZnMuZ2VhbnQubmV0ghV1 YXQtYXJjaGl2ZS5kYW50ZS5uZXSCFnVhdC1hdXRvYmFobi5nZWFudC5uZXSCEXVh dC1ib2QuZ2VhbnQubmV0ghN1YXQtY2FyZW4uZGFudGUubmV0ghN1YXQtY2xvdWQu Z2VhbnQubmV0ghR1YXQtY2xvdWRzLmdlYW50Lm5ldIISdWF0LWNuaXMuZ2VhbnQu bmV0ghd1YXQtY29tbXVuaXR5LmRhbnRlLm5ldIIXdWF0LWNvbW11bml0eS5nZWFu dC5uZXSCEHVhdC1lYy5kYW50ZS5uZXSCEHVhdC1lYy5nZWFudC5uZXSCFXVhdC1l ZHVjb25mLmdlYW50Lm5ldIIVdWF0LWVkdWdhaW4uZ2VhbnQubmV0ghV1YXQtZWR1 cGVydC5nZWFudC5uZXSCFHVhdC1lZHVwa2kuZ2VhbnQubmV0ghB1YXQtZXUuZGFu dGUubmV0ghB1YXQtZXUuZ2VhbnQubmV0giV1YXQtZ2VhbnQzLWludHJhbmV0LmFy Y2hpdmUuZ2VhbnQubmV0ghx1YXQtZ2VhbnQzLmFyY2hpdmUuZ2VhbnQubmV0ghJ1 YXQtZ2lkcC5nZWFudC5uZXSCFXVhdC1pLXNoYXJlLmdlYW50Lm5ldIIddWF0LWlu dHJhbmV0LmFmcmljYWNvbm5lY3QuZXWCHHVhdC1pbnRyYW5ldC5jYXJlbi5kYW50 ZS5uZXSCFnVhdC1pbnRyYW5ldC5kYW50ZS5uZXSCHnVhdC1pbnRyYW5ldC5ldW1l ZGNvbm5lY3QzLm5ldIIWdWF0LWludHJhbmV0LmdlYW50Lm5ldIIWdWF0LWludHJh bmV0LnRlaW4zLm5ldIISdWF0LW1kc2QuZ2VhbnQubmV0ghJ1YXQtbmV3cy5kYW50 ZS5uZXSCEnVhdC1uZXdzLmdlYW50Lm5ldIIVdWF0LXBhcnRuZXIuZ2VhbnQubmV0 ghd1YXQtcGVyZnNvbmFyLmdlYW50Lm5ldIIRdWF0LXBsbS5nZWFudC5uZXSCFnVh dC1zZXJ2aWNlcy5nZWFudC5uZXSCGHVhdC13YXZlbGVuZ3RoLmdlYW50Lm5ldIIW dWF0LXdlYmxvZ2luLmRhbnRlLm5ldIIWdWF0LXdlYmxvZ2luLmdlYW50Lm5ldIIX dWF0LXdlYmxvZ2luMi5kYW50ZS5uZXSCF3VhdC13ZWJsb2dpbjIuZ2VhbnQubmV0 ghh1YXQtd3d3LmFmcmljYWNvbm5lY3QuZXWCEXVhdC13d3cuZGFudGUubmV0ghl1 YXQtd3d3LmV1bWVkY29ubmVjdDMubmV0ghV1YXQtd3d3LmdlYW50b3Blbi5uZXSC EXVhdC13d3cudGVpbjMubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQCBhFhaVetfTvO6 i09vIxNWRlO5kFxXzeVDuHbm351hshNBdkKn+wIynpGOr55RrbO9N3DeupyxD7yL bAOmoo72KXi1hfWfHavmKEn4eYbkvGfa6tWhudLWUg53R2ddXFlEpjR476Ydw4K0 GxbHcI1+XRKqrKEaxbqxhonQL98tW3QPLMTApJgQ4pyP3WY/jTW4B24Y7mrVNIIq eTvZVDJJOberCcq9MDxZsF5RYOeVgKpkuT8XbDr4xKXkgmmGRsMx3eRKntEj7EfC 0eNbLLVlydzw/rOP2UPXDsSmb8DEUMD12OSi+Nq7/0MBgmYtNqesmiqI2cxmjIE9 MuFyz7mc </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </KeyDescriptor> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uat-adfs.geant.net/adfs/ls/"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uat-adfs.geant.net/adfs/ls/"/> <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uat-adfs.geant.net/adfs/ls/" index="0" isDefault="true"/> <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uat-adfs.geant.net/adfs/ls/" index="1"/> <AttributeConsumingService index="1"> <ServiceName xml:lang="en">GÉANT ADFS (User Acceptance Test)</ServiceName> <ServiceDescription xml:lang="en">Active Directory Federation Service (UAT) for GÉANT Intranet.</ServiceDescription> <RequestedAttribute FriendlyName="email" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <RequestedAttribute FriendlyName="eduPersonAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> <RequestedAttribute FriendlyName="surname" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> <RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> <RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> <RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> <RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <RequestedAttribute FriendlyName="commonName" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> </AttributeConsumingService> </SPSSODescriptor> <Organization> <OrganizationName xml:lang="en">GÉANT Limited</OrganizationName> <OrganizationDisplayName xml:lang="en">GÉANT Limited</OrganizationDisplayName> <OrganizationURL xml:lang="en">http://www.geant.org/</OrganizationURL> </Organization> <ContactPerson contactType="support"> <GivenName>DANTE IT Support</GivenName> <EmailAddress>mailto:itsupport@geant.org</EmailAddress> </ContactPerson> <ContactPerson contactType="technical"> <GivenName>DANTE IT</GivenName> <EmailAddress>mailto:it@geant.org</EmailAddress> </ContactPerson> </EntityDescriptor>