blob: c7cd718f960e878de4819eff74d9e4624981bf8c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://sp-test.it.su.se/Shibboleth.sso">
<md:Extensions>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2018-08-20T07:18:31Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<mdattr:EntityAttributes>
<samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
<samla:AttributeValue>https://myacademicid.org/entity-categories/esi</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/idp.it.su.se"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/idp-test.it.su.se"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/idp.bonsu.se"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/SWAMID"/>
<idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test.it.su.se/Shibboleth.sso/SWAMID" index="1"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/eduid.se"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/skolfederation-prod-ds"/>
<idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/skolfederation-prod-ds" index="2"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/antagning.se"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/otc-idp.it.su.se"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/otc-idp-test.it.su.se"/>
<mdui:UIInfo>
<mdui:Description xml:lang="en">Test attribute releases from IdPs</mdui:Description>
<mdui:Description xml:lang="sv">Testa attribut-releaser från IdPer</mdui:Description>
<mdui:DisplayName xml:lang="en">sp-test.it.su.se</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">sp-test.it.su.se</mdui:DisplayName>
<mdui:InformationURL xml:lang="en">https://sp-test.it.su.se</mdui:InformationURL>
<mdui:InformationURL xml:lang="sv">https://sp-test.it.su.se</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="en">https://sp-test.it.su.se/behandling-av-personuppgifter-vid-sp-test</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://sp-test.it.su.se/behandling-av-personuppgifter-vid-sp-test</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo>
<ds:KeyName>shib-test-sp03.it.su.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=shib-test-sp03.it.su.se</ds:X509SubjectName>
<ds:X509Certificate>MIIEFzCCAn+gAwIBAgIUJAevSpdToQxKkSd2ce+yei2tHlwwDQYJKoZIhvcNAQEL
BQAwIjEgMB4GA1UEAxMXc2hpYi10ZXN0LXNwMDMuaXQuc3Uuc2UwHhcNMjQwOTEx
MDczMzUwWhcNMzQwOTA5MDczMzUwWjAiMSAwHgYDVQQDExdzaGliLXRlc3Qtc3Aw
My5pdC5zdS5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAN3U6EJC
bqqs+RgdRvThzusg+YyWJ7iqsW9RACjM6WuQVqcAhGaP/9m8dnt0gL97hHzZtOyj
OAClLAETeiJMbImtCZXnzJzfsR0jTQv8OaCAsI2sBYkLtZHTwxrzxOdHoUtt1Fdp
AVjIF12FVu7xI1ihjs950G3MFGbIlQjvOjmYHp8FlPRhsV2S1i/wi5gvaaYVpl8G
0CvOOG9ksDrux573OUiHGaViSG67YRJiXG1RIn+0ChrSvMpuH735E5DiyzfEjpAU
24soU2whqQfu0yuXkRcLDcP7NqwgH4E0tb2IkaA5g78wEZC1k2cqLi/NRTObizFj
A7jEU2XwkKhDRMX06ZADSgLkioqARA163YqNcc5PnDETLJtroIf3RCMnfqbDHher
e0HQs4DfnYJO6TctJ8mmWDMiLIs5A1NtMLnPHUOK5s4/OHsgqdG7rIcDo5yUHb8g
hCyn5YczVlmMh0eDmimzPq71uUHM913Lh3Z53BpmflqWDecfqUXVyO/8BwIDAQAB
o0UwQzAiBgNVHREEGzAZghdzaGliLXRlc3Qtc3AwMy5pdC5zdS5zZTAdBgNVHQ4E
FgQUu26ABUF/JymLMqTO1MlZayBi3BIwDQYJKoZIhvcNAQELBQADggGBALR9iBC+
H6/BaGyUcPbVQl4+cu7fD94Rniy3E6HTcY9YTciddZg8fj+Ja78fQNkNOxjW6/UL
3DItJ3S5I1xEvk3vV/Z95zXr46Rl6QgTu+xqGWI3r/BcCTGQKus3b2vBQV4ySpiX
IYLKN7TrOI0PxA7bNPV+D5zJuTSO5o+VentXPeWxmAB4HlDPwcXTVSgVlB3OPiUD
7I85VrKIr3cFO829xwHATSxEHetnuPv+8ECFUyiUlqjBYqmhzaZHsHUGji/qRsBb
albf3rGZi6tDaYuSa+kR4XTbcaDmLYgOXLlzXJavrOwEQ9CYHfc3/QbXzo2jRVIS
3PK+KbbPGGHKCcOWTCFg+FM7h/4802RBCtLUrY+9MPW4q8FISP7WOpDNUgUz6jrG
wfFI4R0f2sa6ZhFzfBoO2ICTpeL7izLQ6/P4qeN0yxlp5CzemaYc0AgludJbcyjl
cpDUyqGXOaPk+Po7MUC55ebgVhnx2Cy15yNtVRCOFC241/FqKZHxbegryg==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">sp-test.it.su.se</md:ServiceName>
<md:ServiceName xml:lang="sv">sp-test.it.su.se</md:ServiceName>
<md:RequestedAttribute FriendlyName="c" Name="urn:oid:2.5.4.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="cn" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="co" Name="urn:oid:0.9.2342.19200300.100.1.43" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonOrcid" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonUniqueId" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="norEduOrgAcronym" Name="urn:oid:1.3.6.1.4.1.2428.90.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="o" Name="urn:oid:2.5.4.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="personalIdentityNumber" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="schacDateOfBirth" Name="urn:oid:1.3.6.1.4.1.25178.1.2.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="schacHomeOrganization" Name="urn:oid:1.3.6.1.4.1.25178.1.2.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="schacHomeOrganizationType" Name="urn:oid:1.3.6.1.4.1.25178.1.2.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">Stockholm University</md:OrganizationName>
<md:OrganizationName xml:lang="sv">Stockholms universitet</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">Stockholm University</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="sv">Stockholms universitet</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://www.su.se/english</md:OrganizationURL>
<md:OrganizationURL xml:lang="sv">https://www.su.se</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:SurName>IT-avdelningen</md:SurName>
<md:EmailAddress>mailto:helpdesk@su.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:SurName>IT-avdelningen</md:SurName>
<md:EmailAddress>mailto:helpdesk@su.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:GivenName>IT</md:GivenName>
<md:SurName>Avdelningen</md:SurName>
<md:EmailAddress>mailto:helpdesk@su.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="administrative">
<md:SurName>IT-avdelningen</md:SurName>
<md:EmailAddress>mailto:helpdesk@su.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
|
