blob: 0443bc4b4ec6163c018b894fcb5a8e5b45b63e27 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://acc.nais.uhr.se/shibboleth">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2021-12-21T11:12:08Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdattr:EntityAttributes>
<samla:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
<samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
<md:Extensions>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://acc.nais.uhr.se/Shibboleth.sso/DS/ds.swamid.se"/>
<idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://acc.nais.uhr.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://acc.nais.uhr.se/Shibboleth.sso/Login"/>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="sv">NaisAcc</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">NaisAcc</mdui:DisplayName>
<mdui:Description xml:lang="sv">NaisAcc</mdui:Description>
<mdui:Description xml:lang="en">NaisAcc</mdui:Description>
<mdui:InformationURL xml:lang="sv">https://www.uhr.se/systemtjanster-for-larosaten/stodsystem-for-larosaten/nationellt-administrations--och-informationssystem-for-samordnare-nais/</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">https://www.uhr.se/systemtjanster-for-larosaten/stodsystem-for-larosaten/nationellt-administrations--och-informationssystem-for-samordnare-nais/</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://nais.uhr.se/About/PrivacyPolicy</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="en">https://nais.uhr.se/About/PrivacyPolicy</mdui:PrivacyStatementURL>
<mdui:Logo xml:lang="sv" height="83" width="83">https://nyaanvandarstod.uhr.se/globalassets/uhr_symbol_lila.png</mdui:Logo>
<mdui:Logo xml:lang="en" height="83" width="83">https://nyaanvandarstod.uhr.se/globalassets/uhr_symbol_lila.png</mdui:Logo>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo>
<ds:KeyName>acc.nais.uhr.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=acc.nais.uhr.se</ds:X509SubjectName>
<ds:X509Certificate>MIID/zCCAmegAwIBAgIUM7FzGCEs/I3IxdVbO2eA0aJVaK8wDQYJKoZIhvcNAQEL
BQAwGjEYMBYGA1UEAxMPYWNjLm5haXMudWhyLnNlMB4XDTIxMDMxMjExNDk0M1oX
DTMxMDMxMDExNDk0M1owGjEYMBYGA1UEAxMPYWNjLm5haXMudWhyLnNlMIIBojAN
BgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAnb4k77PE6MjSy77SKbx3B1e3Kj5J
6POiKlZrV2Ew/j6Zk17WOSZf2YNAj2pDECRSa3nLvW4CuU43dks08cWLKRw4xStu
I0JqWXAS1daeGXg4JAcpt5mf45JVk93SBTmxYZxwUnBKZIm88QqSM7zWvcD/9ux/
pWa0fvJoqnpGXk6vNYEAiRo8wYI4QbYR3ZnHYwA1GTbf74MpN9oKPShYRvNwGwsf
WktDBirhJ463VvC/vENWUpIV61yjTm6mQ/ZqAfZdYos6h+C1HQhEv7ZxecDgwq+k
5WZmaifladI00/WeTu5eXdZrGwAIAqCZEeOjXOtDBdTeL+QQHzhbH7gogCvBuIzQ
NImK/jRfanivD5hzEWrgq1JYNjIg0FgtFpkaWgOAlrTGJpwpHuy3TlrjgXpEYqhe
zL2DGVYJSIo4W0dP1o562+GScNwmQQXrN5FdGsuKsbueJZXB5cYjCCxlnvwS/WM4
KWRSDy+OoPS7ojkDtXSO948QFYzZTspwTAxjAgMBAAGjPTA7MBoGA1UdEQQTMBGC
D2FjYy5uYWlzLnVoci5zZTAdBgNVHQ4EFgQUueYTDVaOfQ43I5W6SnqzJmFIOSYw
DQYJKoZIhvcNAQELBQADggGBAHE38de5674JGIg547hnHR6vbJtqiRCY8VoabIAF
De2YfE0Y58hKbz/sXfAH8LgNLKdc9RUJNpXEMu9+JPfTZLd7nHqrflEYZ7r+KkCZ
ginZ/OcGJQt7la1NrRD9ukL74wX9vux04jL3vVyb8uHKel5xg41sZ7ONZeROLw1p
EprJkLN90dhzTmv557fPCyaAvQiu31pQ4wRV6uU8eQd45bngzxRLKrz5ANwzHXXX
ZtQcfGqTe/ZIUM0Mw73meEhGol9+B52ZLACzYIHa166hDCbJ8uiVoQ61N8sszu6X
ejOxH6e/oomGwI5qbP5A+y0M/sZCY6OxAYhZUd1WHJLXfFPshBItPWz8AOqti8GT
JautiDRCRLi5YsyeWEjI5RUT0gJZLlgSiLE+dddDoOXU6535OJBQ/CqVS6muoAuQ
SBdbsATbOt1cwjyvaD+I0+zxwit4Gg/6l7ENBqrREIFYKa0IyFGjAJbJMlAIg13k
hqj4vsnmj5P2D3MHXocrWkPzxg==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://acc.nais.uhr.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://acc.nais.uhr.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://acc.nais.uhr.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://acc.nais.uhr.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://acc.nais.uhr.se/Shibboleth.sso/SLO/Artifact"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://acc.nais.uhr.se/Shibboleth.sso/NIM/SOAP"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://acc.nais.uhr.se/Shibboleth.sso/NIM/Redirect"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://acc.nais.uhr.se/Shibboleth.sso/NIM/POST"/>
<md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://acc.nais.uhr.se/Shibboleth.sso/NIM/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://acc.nais.uhr.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://acc.nais.uhr.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://acc.nais.uhr.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://acc.nais.uhr.se/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://acc.nais.uhr.se/Shibboleth.sso/SAML/Artifact" index="6"/>
<!-- Required för personnummer -->
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">NaisAcc</md:ServiceName>
<md:ServiceName xml:lang="sv">NaisAcc</md:ServiceName>
<md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="personalIdentityNumber" Name="urn:oid:1.2.752.29.4.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="sv">Universitets- och högskolerådet</md:OrganizationName>
<md:OrganizationName xml:lang="en">Swedish Council for Higher Education</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="sv">Universitets- och högskolerådet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="en">Swedish Council for Higher Education</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="sv">https://www.uhr.se</md:OrganizationURL>
<md:OrganizationURL xml:lang="en">https://www.uhr.se/en/start/</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="administrative">
<md:Company>Universitets- och högskolerådet</md:Company>
<md:EmailAddress>mailto:nais.support@uhr.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:Company>Universitets- och högskolerådet</md:Company>
<md:EmailAddress>mailto:nais.support@uhr.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:Company>Universitets- och högskolerådet</md:Company>
<md:EmailAddress>mailto:nais.support@uhr.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
|