blob: 7cc4b0896ccf9f89d92bfcad13e6fd78d7210574 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
|
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://passport.lu.se/SAML2/shibboleth">
<md:Extensions>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2024-02-12T12:20:47Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<mdattr:EntityAttributes>
<samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
<samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://nyapassport.lu.se/Shibboleth.sso/Login"/>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="sv">Lund universitets kontoaktivering och lösenordsåterställning</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">Lund University user account activation and password reset</mdui:DisplayName>
<mdui:Description xml:lang="sv">Denna tjänst används för att du som ny vid universitetet ska kunna aktivera ditt användarkonto vid universitetet.</mdui:Description>
<mdui:Description xml:lang="en">As a new user you use this service to activate your university user account.</mdui:Description>
<mdui:InformationURL xml:lang="sv">https://nyapassport.lu.se</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">https://nyapassport.lu.se</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://passport.lu.se/privacy/</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="en">https://passport.lu.se/privacy/</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:KeyName>https://passport.lu.se/SAML2/shibboleth</ds:KeyName>
<ds:KeyName>passport.lu.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=passport.lu.se</ds:X509SubjectName>
<ds:X509Certificate>MIIFJTCCAw2gAwIBAgIUXrykXcE1GoDoQzebhaf3ebOAlp0wDQYJKoZIhvcNAQEL
BQAwGTEXMBUGA1UEAxMOcGFzc3BvcnQubHUuc2UwHhcNMjQwMjA2MTMxMjIyWhcN
MzQwMjAzMTMxMjIyWjAZMRcwFQYDVQQDEw5wYXNzcG9ydC5sdS5zZTCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJbM1MW7CrYLUANFcNuvyT3n3Cuf7s8T
ExftIZbHWir0a/RQaV86YkyzF4WJ6hcg/6oFSm/mIOrVuOPAhYjJ99zmiDSy4yXd
xmHfUqqd9l8Jt4eQBsgZR1u1WXWe2gE6Z6ptl2pZKJ/94hibzJtB1HSsWLvUkk/O
BEJ9ant2r6W89V6e9vdA3l0TFfaRlfgdHiKGPqKgiTqTFA8j/sZHfJ+dM54CPsA5
2Oo+raSerMmiJno5mwyufaLlmV5w+P1Y2qnuDq6zvoq+0ch8knGq1E8ta5s1gC4P
3ug3JW8czOXAAsTCjnBlPDXwlLmWwhpMNqfAXbl19MR87mAMCbcK45ZUalq02FjU
uKqarD1qJeP90SSdvh4cNzTjjcEPFchw9vjKZQ77MxrSPyQc7sdb98u3dk1CYx2g
zsIkFZm6oxM8evfPDHEM5d7PcBWl74VDlNsE9fISoaDK/CfPKmJfA7GyKICNkDDp
Zb0UgUlV6uLa0SZlH1f+5eawtD6xfC+CeOmxZRzeM/4axlKc8/wjC8zo18qOo3Ll
yZM7gvgTpGrdHibTttxIYpxXKxPh3hTrZjbKng2nGe254pCIDGqRb1spY7uYsbRD
Ne+vUvqfAx2Lxn20QLhMU4zUgINKKtdTa8KGC54udiEalWl+8SOQ9BGK1SZZ55Wg
WS7Qsb4z1Qk1AgMBAAGjZTBjMEIGA1UdEQQ7MDmCDnBhc3Nwb3J0Lmx1LnNlhido
dHRwczovL3Bhc3Nwb3J0Lmx1LnNlL1NBTUwyL3NoaWJib2xldGgwHQYDVR0OBBYE
FIg9rYX7G5NI59Mjj0LTJPeKxZlrMA0GCSqGSIb3DQEBCwUAA4ICAQA6P1D7KGuB
5ofsPMW79IWfZdxmgWJvicQjsM6eBRw9jIlvTYO9aUdHugnULUBKPtOuIEIyBBMd
sxm4tgsM4r52gPlrygykasgCMg0fYHRibgeCHcUrXx8ZmDvTmmZTD8+iNgG/rVo0
rm8Y04qsUJs3bme1yCnwt3O/oqn/ekwt2GwEST9DkOBx0TQz1orG7n28uxuBZe9L
Yo65thNKnSDhLPH0GIBxcsoLpsS7RuxyV6kQmAZp0t2jkAdXj2GiKLBkrrLJ5JP7
/jhaNPHwuJGTWN0ZG+jBWZAatIZhfUGPXRCcaZ/Ta/gj+hQLnatx6n6++IFOjHRo
Ce9+ou1Scj5lfuU5rZeByBwpNqVuLROntMWWdhnPlnQ5RmkVha+IkYnKia5sepov
jXnVSZsEDK3f7ZFNmIJ0XRlt5L0bOqf6QxR5SdwwmNntONkRcEhecMwv/gJDSLMn
r/Hk2aKnXo8AYLNxChh7laAWt1jrKtoNyadTzViUCK103ggetVNs8uYiywTEFMCT
RsYLLmDks4X3/GxKQ/WxzKAeiHZer8vGKZ3hciiJaayT2xdV3zpjlpN5fAMJLILY
1+NbkQ/u7J4zTAsaHLGBQpKdeJbpcchw+n76Fzq5spFJO7SpjWWUIo2f+AvC2YzF
zt6g+nouncXF2TkJMgsV6B5QYIy+QbwLGw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:KeyName>https://passport.lu.se/SAML2/shibboleth</ds:KeyName>
<ds:KeyName>passport.lu.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=passport.lu.se</ds:X509SubjectName>
<ds:X509Certificate>MIIFJTCCAw2gAwIBAgIUFGS48sdXpn0sQdORtwCC7PdVam8wDQYJKoZIhvcNAQEL
BQAwGTEXMBUGA1UEAxMOcGFzc3BvcnQubHUuc2UwHhcNMjQwMjA2MTMxMTQ0WhcN
MzQwMjAzMTMxMTQ0WjAZMRcwFQYDVQQDEw5wYXNzcG9ydC5sdS5zZTCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAOHCdDupfhJsfK2cvxs0nEvtvnxZ8xLX
Xt5RPl93kamVW1+eLSoebAFzgd3yBrAuKooNBZUsCSjyRrUIq+Nvh0YxNHCu9Y39
JJLTe1a3W2UYTKjgnMB99/hiLLmTkoAAKgzt4tqne8eXNcy0dMwMyJj9K3I6wNNA
ZewL4hD6UPgIT/WaHg4brdki671A1nRbk6RAKEzM6vXe9IJKyHaTiooaZwh9f1YV
xE7kradIwfNHsoJQGPEU5fbuG207NrNtDrIqEmb9jKIq9dSoBVi8TkUWfanVUzAu
HzJxj5qwzvscGUS26yszTMVah7ZcjcqOBi/11Hzpn+2/JRm1EyZiyt9JaTNcyI35
ufeVNDBtoCgOOEc9ScfyC3+mCBMPxdbvUM4QwaP6PlHqI0aG3wtc134L8klV4r7/
iHlQZ1bHV13LLeScZDLAo3y0fTlZrsdB70KdPk1PL3XXKYT2MomPD4fb7CcoeCKK
0eqR8BSsN/h6pNLe//VEdFT2nwhW7Nq4zRwHO437VFFuuanZNfKemH1T0HOMAfn1
3ISE80EXhtCqL+BLbcZpp6DeRGXLZ/zRP0LKV4NsDMn7HkJ34oceeqVyZYFcicsP
8UrWPyISQF82tKQVJRN+l7NHl6Wi1gwiWe4+1ZPdqY6cA1RCwb+GK2pTWBsT2bcV
fNd0bP1+2cr5AgMBAAGjZTBjMEIGA1UdEQQ7MDmCDnBhc3Nwb3J0Lmx1LnNlhido
dHRwczovL3Bhc3Nwb3J0Lmx1LnNlL1NBTUwyL3NoaWJib2xldGgwHQYDVR0OBBYE
FNffVcXDvLV32VKBAJ22imAC0pJ0MA0GCSqGSIb3DQEBCwUAA4ICAQAdti4uTdeS
5ZdK9r6YRsJ53Cw/Kb2I7tvffGf7vJUUwDID9zQIMN5mg+P2YrHmFISh+agphhLG
tcW8ba2VSddkb/PRv5zFlDnQUSyEdcByjPDzHJNYEoGPVOJtJFoGQewLBD3AFhCW
CRKKsK/etB07VKi5H0gXzy+os5aT/vcsMpvKeWPmrSs/VEDT3aSxVuAUC9oj4tCK
6P63d9wu+z1Mf5/4Wb3IN1IF9H1ey4s++F+dqilDnfGpS8e4OmQbMJnFL/8PmJk/
gAzJrScsQec+FrUfACTMswsNEtdsmtrWPiGA/IFmBPUzfvmE6OKQ/nFGge0Plb2w
uRtQyPNZQsJh5wHY88Ty5KfmtLx51+445RiBIC1/aLc1eDblOv93fSROCQRdzEIU
nnGEwEnAUt08OqfsemGs0fYjEtlDl24m/HylS2s34J60a+eKeMuQPNkxNhp1p76W
ZO/pzimDkhQDUSIIVVlidmMhWdrsowZ3xb62Iu2Es7wSfQl738dOmuCDwTedMWUi
x6NJfPE9JTNJOUgDpbqmLyv/Z++VxkL5zFaL14xGL1cibkqwd8OgFETwBmeBfM+S
Rkg2NOsTv+AwAbj6DxsULT+cAHncD/xZAQZeg3upEuh8O44YZyG1nMgl0He+rqLx
h0X73HoY75row29dAE1JPwF4ckyRhUU1cQ==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nyapassport.lu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nyapassport.lu.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nyapassport.lu.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyapassport.lu.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nyapassport.lu.se/Shibboleth.sso/SLO/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyapassport.lu.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://nyapassport.lu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nyapassport.lu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nyapassport.lu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">Lund University user account management portal</md:ServiceName>
<md:ServiceName xml:lang="sv">Lunds universitets kontohanteringsportal</md:ServiceName>
<md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="sv">Lunds universitet</md:OrganizationName>
<md:OrganizationName xml:lang="en">Lund University</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="sv">Lunds universitet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="en">Lund University</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="sv">https://www.lu.se</md:OrganizationURL>
<md:OrganizationURL xml:lang="en">https://www.lunduniversity.lu.se/</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:EmailAddress>mailto:passportadmin@epic.lu.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="administrative">
<md:EmailAddress>mailto:servicedesk@lu.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:GivenName>LU IRT</md:GivenName>
<md:EmailAddress>mailto:abuse@lu.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:EmailAddress>mailto:passportadmin@epic.lu.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
|