summaryrefslogtreecommitdiff
path: root/swamid-2.0/auth.fieldsites.se-saml-cpauth.xml
blob: afe6b894326eaf62bfe778b6bc5c59702f8851f1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://auth.fieldsites.se/saml/cpauth">
  <md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
      <mdrpi:RegistrationPolicy xml:lang="en">https://www.sunet.se/wp-content/uploads/2016/08/SWAMID-Metadata-Registration-Practice-Statement-v2.pdf</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
      <samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
      </samla:Attribute>
    </mdattr:EntityAttributes>
  </md:Extensions>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://auth.fieldsites.se/saml/login"/>
      <mdui:UIInfo>
        <mdui:DisplayName xml:lang="en">SITES Authentication Service</mdui:DisplayName>
        <mdui:Description xml:lang="en">Single sign on for SITES data services</mdui:Description>
        <mdui:PrivacyStatementURL xml:lang="en">https://auth.fieldsites.se/saml/privacyStatement</mdui:PrivacyStatementURL>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor>
      <ds:KeyInfo>
        <ds:KeyName>auth.fieldsites.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=auth.fieldsites.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIEYzCCA0ugAwIBAgIJAInunDnNa8QOMA0GCSqGSIb3DQEBCwUAMIHHMQswCQYD
VQQGEwJTRTERMA8GA1UECAwIU2vDg8KlbmUxDTALBgNVBAcMBEx1bmQxNTAzBgNV
BAoMLFN3ZWRpc2ggSW5mcmFzdHJ1Y3R1cmUgZm9yIEVjb3N5c3RlbSBTY2llbmNl
MR8wHQYDVQQLDBZBdXRoZW50aWNhdGlvbiBTZXJ2aWNlMRswGQYDVQQDDBJhdXRo
LmZpZWxkc2l0ZXMuc2UxITAfBgkqhkiG9w0BCQEWEmluZm9AZmllbGRzaXRlcy5z
ZTAeFw0xODAzMTQxNTAxMjhaFw0yODAzMTExNTAxMjhaMIHHMQswCQYDVQQGEwJT
RTERMA8GA1UECAwIU2vDg8KlbmUxDTALBgNVBAcMBEx1bmQxNTAzBgNVBAoMLFN3
ZWRpc2ggSW5mcmFzdHJ1Y3R1cmUgZm9yIEVjb3N5c3RlbSBTY2llbmNlMR8wHQYD
VQQLDBZBdXRoZW50aWNhdGlvbiBTZXJ2aWNlMRswGQYDVQQDDBJhdXRoLmZpZWxk
c2l0ZXMuc2UxITAfBgkqhkiG9w0BCQEWEmluZm9AZmllbGRzaXRlcy5zZTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL57JL9mbGSUjK6UgD73yGK3FLmW
9JSoob2BoiXlO5AEcnqVBgINzAhPHTDdEfrjh3LChz1tDSOjIubcGAEd9KAV7lmE
6Xf+wnRXgKKsyqF2As+vlT5JQF3JbuD+ezuE8i4sTzW2o/ach0nptAh3SUT47Qc/
4YE6YA7gQncdsFi1w4j69Z8tGAOJydl4Z/ATspGiNSCYw5e8vpjuK06QHOq3pE8n
Bq7Qn9CYO9f3dPsLm6qQcDHeLGrwFlcXDjPRu3eefhTKOyoCq5Yvar6vGdnvE9XV
7laikYCR/Eq8LibfNjs85jY+VzFsIOJHSLztWaBIhWUKGf6HswPxjATrDvECAwEA
AaNQME4wHQYDVR0OBBYEFBgKc06pZUImnNxea4xv7FvcqJaLMB8GA1UdIwQYMBaA
FBgKc06pZUImnNxea4xv7FvcqJaLMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggEBAF9xJfdi7tErpxRe0yCw+M12SrkfiBWp/skwPSfps5DxrR5Kq3/D8H5X
b8UpNU6UUQ12GBHhUP7OFv4VLz1OS3bwWxujRdMxjttW85rtjFCDnzjht2w1K3sJ
+Wix+T8xHE8NVtg8wvEOr53/TKq0U1MwonVJLjbxRY8F3QexxXYGmDore/PtxDIb
to63TmmP1EIbqrj1LGv23EngIG0wfhrKkV5cT1/TJ/0xJfLim6e66SO3crc9L2Q/
r2UZOu21reg8IOKK+GgCBXVyc6ihEFpUF5sg/k4EThNjZM5PDDRYnwOwg8WdnOjF
ut7vQ9gFxIHIfE526gVIlHUomwr6JGU=
					</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://auth.fieldsites.se/saml/logout"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://auth.fieldsites.se/saml/SAML2/POST" index="1" isDefault="true"/>
    <md:AttributeConsumingService index="0">
      <md:ServiceName xml:lang="en">SITES Authentication Service</md:ServiceName>
      <md:ServiceDescription xml:lang="en">Single sign on for SITES data services</md:ServiceDescription>
      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  
  
<md:Organization>
    <md:OrganizationName xml:lang="en">SITES Data Portal</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">SITES Data Portal</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">http://www.fieldsites.se/</md:OrganizationURL>
  </md:Organization><md:ContactPerson contactType="technical">
    <md:GivenName>Oleg</md:GivenName>
    <md:SurName>Mirzov</md:SurName>
    <md:EmailAddress>mailto:oleg.mirzov@nateko.lu.se</md:EmailAddress>
  </md:ContactPerson></md:EntityDescriptor>