blob: ce6b589ac5ecbb9df67ec36d722018b8822c1f74 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
|
<?xml version="1.0" encoding="UTF-8"?>
<!--
This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
This metadata is not dynamic - it will not change as your configuration changes.
-->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" entityID="https://idp.hj.se/idp/shibboleth">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
<Extensions>
<shibmd:Scope regexp="false">hj.se</shibmd:Scope>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">A Name for the IdP at idp.hj.se</mdui:DisplayName>
<mdui:Description xml:lang="en">Enter a description of your IdP at idp.hj.se</mdui:Description>
</mdui:UIInfo>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDDzCCAfegAwIBAgIUULHcuieC4zf04BYU0AR+DuY24ekwDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJaWRwLmhqLnNlMB4XDTE2MDMxNDExMzgxMVoXDTM2MDMx
NDExMzgxMVowFDESMBAGA1UEAwwJaWRwLmhqLnNlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAk6THbcnraohTYngZOycD0+ctVWACLADGljQThCwnJA/T
skGkGDPKKsFBaYdldgUTJJ0Q3wYqzKx44M5FHNUKWwgBeZAnEWISm3t9Cq24hqEO
c4QNCYt7PVNAK+vS7yarotYAPm4HP3Uo80CXWG69k5HFnpjaF3woQ2N+B0pd39O2
iLzh7iWJ+Nt/qD3Hl7sTIfPzsoY4PdNCKLxvpLT8PGl2ON/PHuM4qK4R6HLqGFQJ
DKhGcmxp6QgJA/5VK3uV8yYdDYuc/Pjk1vavLwlYbKUV0r0Tt8eMlbjPy94Nw/J0
MXIMH56Q3xMIT1a4AZigUzUXkIZYfiYQu2YxU1eEpwIDAQABo1kwVzAdBgNVHQ4E
FgQUn9XP4pFGWs88bAiERYN6xxdhub0wNgYDVR0RBC8wLYIJaWRwLmhqLnNlhiBo
dHRwczovL2lkcC5oai5zZS9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
AQEAUJ5a7In0Z2V4MFky//RAsoCsqXdrHwzvqwB+w3rdN21A/qpyPOPeMX3T9afD
afDbFF94EYNEvRIaH6NbGZLJ0CGfMiw4a37/c9sGLieQwLfRnACoe33jKf+Z/w8J
mIym0ztaWUO/lx8SkWTcMl4YXocFXEujlpoAe3cW1N1q7qcjY9NsEzAoLLs3icKS
D5VOTbkivKbs6KPKzqYe82f5++Hv+tjI/yVMLOVi3ktPo6e2PnhsGQ+qLpFs17Qn
0P2ucB2neCFd88FgeIQoGAGycu9SVumUxi5sE/VEo8yzNIUZQRxyV7st5ECM2eIG
qbiphg2PJniZhcfItlrn7pTs/g==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEDCCAfigAwIBAgIVAMZDZCS54aZ6k2vTnIj+qeIbuU06MA0GCSqGSIb3DQEB
CwUAMBQxEjAQBgNVBAMMCWlkcC5oai5zZTAeFw0xNjAzMTQxMTM4MTBaFw0zNjAz
MTQxMTM4MTBaMBQxEjAQBgNVBAMMCWlkcC5oai5zZTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAIym14ZOnC+wJFKdlEmCtWCr3Gd1mWgsveBynbEKe/EU
uuccSv094nBNgEYC5LyM8EhXpUqo7V6ZwIYvyasecmk1kFZMbR9qJ6GOH4j/mEC8
EAAdLdPZ3tNKlUx8qCKDR6n7P1TaTrQKk+QZg2QiZI5aCfv9mlKL7ESI3+sjlcy2
Uo59P8AjXt/5qg8mQPFdzy8y/j1Bp0yI6UON4oG+xZC/NX7L0WaJHJjwJwXTjlRs
RAuau05JGOmRabkV6CWCEEqma2vuF2a8Evo2e0ImUv+4TNmlflokhyYQu1CB3Okr
xZOTGSMFR8dltLQXkisMN2PpDIEjTpugTyw/q0Dldc8CAwEAAaNZMFcwHQYDVR0O
BBYEFFCA2ZGMD+rZjVI9MFpHDe0pKSygMDYGA1UdEQQvMC2CCWlkcC5oai5zZYYg
aHR0cHM6Ly9pZHAuaGouc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
ggEBADxA6tq261XomAqzHLJtrwdElc85hy+TYUh/WZuLSDTG3Vg6NjFqZc86igsD
rlwmwrzACWVR0DMzBDQCPaC8mDLUgrfm1zFkMm9ZkTS8F51TsW4On18TVLBNIOT/
lKBEHXftJllK4y23ljSFIJ8dmJtra92rYBOTUrnougS5qgaEeoHYPXeJQ5VK+79Z
XuTeAhq8HKrntnTn1sVQbE+BEEXDnp0cyKlM+pvBt+kbKx0ElXDJpxQuVOnDSuAO
W+hK8vPoi/NhgSFCFHU6fbAWsZQYVXmKGggCdeiRF2hV1MBTPiMXzy/W7LEMKmD/
wHTEWQ0LC1zCU0Mh0mCpi9a19HI=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDDzCCAfegAwIBAgIUUC0X9zn/hpN9nrFMVgdJIiozgH0wDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJaWRwLmhqLnNlMB4XDTE2MDMxNDExMzgxMVoXDTM2MDMx
NDExMzgxMVowFDESMBAGA1UEAwwJaWRwLmhqLnNlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuOBo7KMGzTUWzPwhOoJ66zezzBMvohhiII8r0aUggTpg
amFmjWibMENctxiUNDEsY1Om0W+GrBWY3V9Gpw3rMN+q+N472S+gDbN7xYRlsffp
OcX7AZar2W0/U032HtojgvoooEhY5lNkXrfDvqYZI7bLXaqNAyNhEuE83Cb1rGIw
8728A05sGsG9Iu1RmJGZfhDkmqpo0zgmxBxrm9DvWjNusNLRGRExRAeS1NoihKUF
ppLJjsx8uxM5Mtes4cwu9qP2ZYldO4dbXAmdu9hZqrZEI6sXu/5wq2wqHkNXJCQK
kLElOOalwPUF8PUU/+AfymKCiYSA7Nbu7H4OmV01SQIDAQABo1kwVzAdBgNVHQ4E
FgQUwLniboBk0meJreYvopeZun+A/2AwNgYDVR0RBC8wLYIJaWRwLmhqLnNlhiBo
dHRwczovL2lkcC5oai5zZS9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
AQEAbHgUvE4N1vEqSNS7hsxbppBE7dXOTUgpEMkjxzs/2MW7bGuTeXX1vCY6nNd+
C4RzrsOhbWrnenEsstJK08iBMBK48fMPlvCIcXvKXkcpl4v7VzOBQPQvOzUjgMXn
Ed3w1/nbnQ/cp4+rTX9TJS30HOF3ZSSL6KnhbDFgP1WOM3AsLYYqvD75W9CTPHo5
4z3cr8uIazmIHFafmpDbX3+Mm0VaHE9z7z6r3hWhcKxWDUUQKV5Is9QdQ4bQuWMw
R+zjNzlS8LbSSelk0ukuH58O9YEBSxb4LpyJoAlpeUkIm8bhDoym2n+nXYSRwigh
I91KnWp+FpSd3F3W0MlM1+MiKQ==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hj.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hj.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
<!--
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.hj.se/idp/profile/SAML2/Redirect/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.hj.se/idp/profile/SAML2/POST/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hj.se:8443/idp/profile/SAML2/SOAP/SLO"/>
-->
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.hj.se/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.hj.se/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.hj.se/idp/profile/SAML2/Redirect/SSO"/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
<Extensions>
<shibmd:Scope regexp="false">hj.se</shibmd:Scope>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDDzCCAfegAwIBAgIUULHcuieC4zf04BYU0AR+DuY24ekwDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJaWRwLmhqLnNlMB4XDTE2MDMxNDExMzgxMVoXDTM2MDMx
NDExMzgxMVowFDESMBAGA1UEAwwJaWRwLmhqLnNlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAk6THbcnraohTYngZOycD0+ctVWACLADGljQThCwnJA/T
skGkGDPKKsFBaYdldgUTJJ0Q3wYqzKx44M5FHNUKWwgBeZAnEWISm3t9Cq24hqEO
c4QNCYt7PVNAK+vS7yarotYAPm4HP3Uo80CXWG69k5HFnpjaF3woQ2N+B0pd39O2
iLzh7iWJ+Nt/qD3Hl7sTIfPzsoY4PdNCKLxvpLT8PGl2ON/PHuM4qK4R6HLqGFQJ
DKhGcmxp6QgJA/5VK3uV8yYdDYuc/Pjk1vavLwlYbKUV0r0Tt8eMlbjPy94Nw/J0
MXIMH56Q3xMIT1a4AZigUzUXkIZYfiYQu2YxU1eEpwIDAQABo1kwVzAdBgNVHQ4E
FgQUn9XP4pFGWs88bAiERYN6xxdhub0wNgYDVR0RBC8wLYIJaWRwLmhqLnNlhiBo
dHRwczovL2lkcC5oai5zZS9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
AQEAUJ5a7In0Z2V4MFky//RAsoCsqXdrHwzvqwB+w3rdN21A/qpyPOPeMX3T9afD
afDbFF94EYNEvRIaH6NbGZLJ0CGfMiw4a37/c9sGLieQwLfRnACoe33jKf+Z/w8J
mIym0ztaWUO/lx8SkWTcMl4YXocFXEujlpoAe3cW1N1q7qcjY9NsEzAoLLs3icKS
D5VOTbkivKbs6KPKzqYe82f5++Hv+tjI/yVMLOVi3ktPo6e2PnhsGQ+qLpFs17Qn
0P2ucB2neCFd88FgeIQoGAGycu9SVumUxi5sE/VEo8yzNIUZQRxyV7st5ECM2eIG
qbiphg2PJniZhcfItlrn7pTs/g==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEDCCAfigAwIBAgIVAMZDZCS54aZ6k2vTnIj+qeIbuU06MA0GCSqGSIb3DQEB
CwUAMBQxEjAQBgNVBAMMCWlkcC5oai5zZTAeFw0xNjAzMTQxMTM4MTBaFw0zNjAz
MTQxMTM4MTBaMBQxEjAQBgNVBAMMCWlkcC5oai5zZTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAIym14ZOnC+wJFKdlEmCtWCr3Gd1mWgsveBynbEKe/EU
uuccSv094nBNgEYC5LyM8EhXpUqo7V6ZwIYvyasecmk1kFZMbR9qJ6GOH4j/mEC8
EAAdLdPZ3tNKlUx8qCKDR6n7P1TaTrQKk+QZg2QiZI5aCfv9mlKL7ESI3+sjlcy2
Uo59P8AjXt/5qg8mQPFdzy8y/j1Bp0yI6UON4oG+xZC/NX7L0WaJHJjwJwXTjlRs
RAuau05JGOmRabkV6CWCEEqma2vuF2a8Evo2e0ImUv+4TNmlflokhyYQu1CB3Okr
xZOTGSMFR8dltLQXkisMN2PpDIEjTpugTyw/q0Dldc8CAwEAAaNZMFcwHQYDVR0O
BBYEFFCA2ZGMD+rZjVI9MFpHDe0pKSygMDYGA1UdEQQvMC2CCWlkcC5oai5zZYYg
aHR0cHM6Ly9pZHAuaGouc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQELBQAD
ggEBADxA6tq261XomAqzHLJtrwdElc85hy+TYUh/WZuLSDTG3Vg6NjFqZc86igsD
rlwmwrzACWVR0DMzBDQCPaC8mDLUgrfm1zFkMm9ZkTS8F51TsW4On18TVLBNIOT/
lKBEHXftJllK4y23ljSFIJ8dmJtra92rYBOTUrnougS5qgaEeoHYPXeJQ5VK+79Z
XuTeAhq8HKrntnTn1sVQbE+BEEXDnp0cyKlM+pvBt+kbKx0ElXDJpxQuVOnDSuAO
W+hK8vPoi/NhgSFCFHU6fbAWsZQYVXmKGggCdeiRF2hV1MBTPiMXzy/W7LEMKmD/
wHTEWQ0LC1zCU0Mh0mCpi9a19HI=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDDzCCAfegAwIBAgIUUC0X9zn/hpN9nrFMVgdJIiozgH0wDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJaWRwLmhqLnNlMB4XDTE2MDMxNDExMzgxMVoXDTM2MDMx
NDExMzgxMVowFDESMBAGA1UEAwwJaWRwLmhqLnNlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuOBo7KMGzTUWzPwhOoJ66zezzBMvohhiII8r0aUggTpg
amFmjWibMENctxiUNDEsY1Om0W+GrBWY3V9Gpw3rMN+q+N472S+gDbN7xYRlsffp
OcX7AZar2W0/U032HtojgvoooEhY5lNkXrfDvqYZI7bLXaqNAyNhEuE83Cb1rGIw
8728A05sGsG9Iu1RmJGZfhDkmqpo0zgmxBxrm9DvWjNusNLRGRExRAeS1NoihKUF
ppLJjsx8uxM5Mtes4cwu9qP2ZYldO4dbXAmdu9hZqrZEI6sXu/5wq2wqHkNXJCQK
kLElOOalwPUF8PUU/+AfymKCiYSA7Nbu7H4OmV01SQIDAQABo1kwVzAdBgNVHQ4E
FgQUwLniboBk0meJreYvopeZun+A/2AwNgYDVR0RBC8wLYIJaWRwLmhqLnNlhiBo
dHRwczovL2lkcC5oai5zZS9pZHAvc2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOC
AQEAbHgUvE4N1vEqSNS7hsxbppBE7dXOTUgpEMkjxzs/2MW7bGuTeXX1vCY6nNd+
C4RzrsOhbWrnenEsstJK08iBMBK48fMPlvCIcXvKXkcpl4v7VzOBQPQvOzUjgMXn
Ed3w1/nbnQ/cp4+rTX9TJS30HOF3ZSSL6KnhbDFgP1WOM3AsLYYqvD75W9CTPHo5
4z3cr8uIazmIHFafmpDbX3+Mm0VaHE9z7z6r3hWhcKxWDUUQKV5Is9QdQ4bQuWMw
R+zjNzlS8LbSSelk0ukuH58O9YEBSxb4LpyJoAlpeUkIm8bhDoym2n+nXYSRwigh
I91KnWp+FpSd3F3W0MlM1+MiKQ==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hj.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
<!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hj.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
<!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
</AttributeAuthorityDescriptor>
</EntityDescriptor>
|