blob: b37b20bd9feb0fe08e442601a1d2e31778461f96 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idportal.test.ki.se/shibboleth">
<md:Extensions>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2023-10-25T11:57:21Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
</md:Extensions>
<md:SPSSODescriptor AuthnRequestsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">Karolinska Institutet ID Portal (test)</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">Karolinska Institutet ID-portal (test)</mdui:DisplayName>
<mdui:Logo xml:lang="en" height="100" width="200">https://login.ki.se/images/KI_digital_logotyp_positiv_RGB.svg</mdui:Logo>
<mdui:Logo xml:lang="sv" height="100" width="200">https://login.ki.se/images/KI_digital_logotyp_positiv_RGB.svg</mdui:Logo>
<mdui:Description xml:lang="en">Portal for activating and verifying Karolinska Institutet accounts</mdui:Description>
<mdui:Description xml:lang="sv">Portal för aktivering och verifiering av konton hos Karolinska Institutet</mdui:Description>
<mdui:InformationURL xml:lang="sv">https://idportal.test.ki.se</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">https://idportal.test.ki.se</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://idportal.ki.se/pp_sv.html</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="en">https://idportal.ki.se/pp_en.html</mdui:PrivacyStatementURL>
</mdui:UIInfo>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://idportal.test.ki.se/Shibboleth.sso/Login"/>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:KeyName>kitstauth01.test.ki.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=kitstauth01.test.ki.se</ds:X509SubjectName>
<ds:X509Certificate>MIIEFDCCAnygAwIBAgIUY4FeTq0u11nQV9g3qKdpDdmDiAYwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAxMWa2l0c3RhdXRoMDEudGVzdC5raS5zZTAeFw0yMzAyMjgx
NjQ4NTBaFw0zMzAyMjUxNjQ4NTBaMCExHzAdBgNVBAMTFmtpdHN0YXV0aDAxLnRl
c3Qua2kuc2UwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCk8oNlmPlX
G8p31d5Z/d+v1ONmqOvbhfGrUuxPmper1qIcTweWKPch2jad1onIqnDKsprZnJ96
ne0Z2qs0kwz7OHSL/z1rd2u0yjl2uYcgbvXSJXNQMlprnvdVgnhZ3xvJDwyrXc/e
eVoxco6zeCkux/emD9y5tJIBydoyxtsXOMKgBuisp23uwe3QBnWqyx2gnQDEXeVn
FasFEI2d5TGjIDroG1b3lHCnComTDft33o6CmNUdLKfdE3KrP87WZDilbqb8lJBM
So9pKVe8NhpHG1jTBFJp98xQi6jP+RoWH82SKgW0Ri1EHeqjxq6vFlci5HQfp1x1
RURofUG7espWmwK+1c3VIoZGpg33qNoWKE11i4BCD/RMCNzXqefNM4CXSBXmAivG
z+bLIX0wjB3L0juvM6clyvENwjvyWRBSC8nzuKJ0a6yzMVeSp3s5vx7JALYMA5Ki
gMiq2QgArt0rM0Pu70Wk2wJrXO3XqtVXvyg28IgSjFdVxau6fBkcRn8CAwEAAaNE
MEIwIQYDVR0RBBowGIIWa2l0c3RhdXRoMDEudGVzdC5raS5zZTAdBgNVHQ4EFgQU
weOatJUcO0fSa+QCoSI/pp7Gle4wDQYJKoZIhvcNAQELBQADggGBAAI+sp1e9Sc5
3dJIJ0gSpa7HUxCnwTaBNlSGMbgabTQfXknbCNy4dF/Yzj1V+YqCCism4Cx0uctp
8WUdzcM43XgZ/D7CUZTCZYcKpBjfVVr2ToY9S+Xr6ytv3lq+kWG/CemP17H9uV5b
b2VggoVxcTaQysUzQIdb8dlp4B10/8V2oIBYOrfyPXdF5frAwgpz4tNH3vLMoUk/
KAQZ67emZ3mznMVTrVDWfb3P+0S/yOq3i59x9wFlXeiSDQ8/YRjVtmkmEIKP/Q/v
0LDXotoA+tn8/xScvbQmuagZLYI/Z2K0lLJ/XdGMgG86hGXMr1HaX61Ymo4mQx7f
D43ezv3BRYCdZ23hSzdSrjORtO6kZ4J+2Up4dQ9sdOiRpSnH7LLIu/vNGl149NKB
OjM+8JK7+L3mmVoFoEeBVXUJMfJT21bqC37dZGz6cE45v+dibDQsmmCXwrYKhjgg
V0Gv90/qIWeWq4BXkrh/Me0ijYYOt4Pd7Ld9VM0i7I5oYU2ws2pJYg==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:KeyName>kitstauth01.test.ki.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=kitstauth01.test.ki.se</ds:X509SubjectName>
<ds:X509Certificate>MIIEFDCCAnygAwIBAgIURll1OwMnEXtEDyooIv09DGDb4eAwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAxMWa2l0c3RhdXRoMDEudGVzdC5raS5zZTAeFw0yMzAyMjgx
NjQ4NDhaFw0zMzAyMjUxNjQ4NDhaMCExHzAdBgNVBAMTFmtpdHN0YXV0aDAxLnRl
c3Qua2kuc2UwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCfOTiI9hYQ
5kTy9chewbAlQ8jt+9TIPQ21NuVjnfAg2WsNpXLHlGLS/gz5KIP/T0JDX9ndmPl7
oCy/gNM+MywduHuwxKhI/7+6l02aAf39o5t21b4mnqUJyfG3kHEBRNR9PEP3AVef
0v6Ym4Pc0rv6J6IpRepmcIUVR5YlDfqk5yNqITgw5RhKDrZexpjBSK0OJGNe3XTT
3xO16mZPKnqH9S6MNFXOLwBHG+gHJ59f/o+UqaIn7Y6///zN9L6IVzoaP3HRNAkf
hFmqikb6RzBDgB60rf8xM3pdcGmUNpwHzOMMY+HkS/oFEtc6hkpdfsN13PbOo8Ck
BEobRdcKd7SlgVk5qlTec98ZmyghtFyk+8lP6EtCr9+DSjjUWzQiSnZhP4npREgt
A8ZKoNIYSOPPnYUnWHNPIPZjcj6lFod7177e9fwUOf++0bVuw1KkPBGG22OVh9G+
2/xJwYDTkJWpZ1dq4kLetGuCbxYi3LyJmmOIxASDC0pbMr9AlMtAk7sCAwEAAaNE
MEIwIQYDVR0RBBowGIIWa2l0c3RhdXRoMDEudGVzdC5raS5zZTAdBgNVHQ4EFgQU
fby4vDGw07T13zynBtnd3pzoFGQwDQYJKoZIhvcNAQELBQADggGBAGb/i4H0BvcQ
fTaw5JdIfwrHVR64kuhgqIq1wWHToOaF3HHs9RtIn1JafBCF3tnPU8oQuq4Nl9pY
NVUhrfV6GynGj2KTkWCem9ZszUTHGipJzAZhmqr2/hGXHXr4pZI6BBYEsT4u7Zya
TGbyT9uAw75bbjfxq7y5/o7+vaQbinvwI9z4HMLDYGTy4J+vuq5sK1PQ0MmvSmUs
Jm7JOUNN2XAZ/aqwtZQb+viAWgh/s//kCmqsFhqxojJMjuV2bP9gddCXAGCFuZOe
XYyh7vf47WQeUh8z1keRCEze0mcVJIHah7ECuNjJX48PAll79xdsNt5IdG8teucy
RC8+vm2d/+DHJbSsSJcI7YsX/tLlrfCZzpSrkBJWmBQfFqpNm0/+nl1AkVpHaYHl
yD1cZxKGKblHafNxKzAHPjGcwwTOqA4hwF8RXHG9NO/AkBfl4d7eLqjJLb3CINQ0
gIPKD9Y1PGRtHQCuKA3wiDl5gMSk8Kahq31M7Vw1ZrNaF4GXwybZlA==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idportal.test.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idportal.test.ki.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idportal.test.ki.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idportal.test.ki.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idportal.test.ki.se/Shibboleth.sso/SLO/Artifact"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idportal.test.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idportal.test.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idportal.test.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://idportal.test.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AttributeConsumingService index="1" isDefault="true">
<md:ServiceName xml:lang="en">ID Portal (test)</md:ServiceName>
<md:ServiceName xml:lang="sv">ID Portal (test)</md:ServiceName>
<md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">Karolinska Institutet</md:OrganizationName>
<md:OrganizationName xml:lang="sv">Karolinska Institutet</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">Karolinska Institutet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="sv">Karolinska Institutet</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://ki.se</md:OrganizationURL>
<md:OrganizationURL xml:lang="sv">https://ki.se</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="administrative">
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:GivenName>Security Response Team</md:GivenName>
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
|