blob: 4622865feb772835d046252629a0d4f85e71ebf2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
|
<?xml version="1.0" encoding="UTF-8"?>
<!--
This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
This metadata is not dynamic - it will not change as your configuration changes.
-->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idp.uhr.se/idp/shibboleth">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
</md:Extensions>
<IDPSSODescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0" errorURL="https://error.swamid.se/?errorurl_code=ERRORURL_CODE&errorurl_ts=ERRORURL_TS&errorurl_rp=ERRORURL_RP&errorurl_tid=ERRORURL_TID&errorurl_ctx=ERRORURL_CTX&entityid=https://idp.uhr.se/idp/shibboleth">
<Extensions>
<shibmd:Scope regexp="false">uhr.se</shibmd:Scope>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">UHR's IDP</mdui:DisplayName>
<mdui:Description xml:lang="en">Identityprovider for UHR</mdui:Description>
</mdui:UIInfo>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEzCCAfugAwIBAgIUQA1fEvobeB0k7/9iU1scJLuj8bgwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAwwKaWRwLnVoci5zZTAeFw0xNjAzMTMwNjEzNDhaFw0zNjAz
MTMwNjEzNDhaMBUxEzARBgNVBAMMCmlkcC51aHIuc2UwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC5UJfJ8igHrENbdVYXCnU7yDb0hilzUW/iuZ9+8sj+
GhtbREGNan0lCf5hEn+ZI7oNL6G9zhwdQxVrSuatcBDd63DHrk+pr7EX0b6x3qba
4N3URVdmDcHz3ot+tdd3uxqofDGep/beUpureqW2AscRspLImvgy4lfEkqA7pKuB
3NQvNDhPjiRIYo2gcQVmEI4uDTiJW9/YlXW8SYZO4Q5vHnJ2gItkD+5iGPRxul27
uGaHeEjFov3e5b17NiqX4naZ7dYWPOK0KvBeHbY83pZqVzh/Dav3piXVkrJC+/MM
1W/j1S0nO1J+vTKFYXD41u5b5+VhNCUKkT8Tb95l+5d9AgMBAAGjWzBZMB0GA1Ud
DgQWBBSKLIlyhvxhCYq4b/P2OGh2Ad1YcjA4BgNVHREEMTAvggppZHAudWhyLnNl
hiFodHRwczovL2lkcC51aHIuc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQEL
BQADggEBAKCFa0xcFkZZE+YXVGiRQ78Npu0fISmo3mJIQNfvX1f47kM3veRPX6c6
kz+yCxdBmsFrzS6GZMASUS8HRApumTzbao/2EPXZIX1a6Fli/TRXhBjSKX3BQYv/
qLXYfwDCHTXzxAXmSInEWrAeGsfWkznub7dJBL6gyVwocrgWIdf5NHujkuYCl6X+
UxtRYjrGjs1FzAJS8b+mlaLELIKBmRMLdknZ/IhTExjiuvhIXnQdgcHRbcyKURQx
fEHqr/LXLAx+9GIvQxcC84F2Wq8+iPCERg0b23gjzPT00sKlHkvEPaft5//b1jcd
jh6Yq3qCCn2Yb+cFUDJT72VDJ7NoDRg=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEzCCAfugAwIBAgIUK85xuzAU41ZIbKm/LJP7YzIXD/gwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAwwKaWRwLnVoci5zZTAeFw0xNjAzMTMwNjEzNDdaFw0zNjAz
MTMwNjEzNDdaMBUxEzARBgNVBAMMCmlkcC51aHIuc2UwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCvNbZH0kfcp0xJ8uVIiBjuRTK2gAmcizSa36WHmsuL
7c6wOx3XNjpMRxr5mA3k5u27sW6/lyGaqMdeQNY2CK6j6oL0hWcLAeRkZh8mRgNS
H8+/FDLKn9+r/IQv4qUxHxvfJquLGotAbD9qcSzQmiqBeHtQTNE5k+5ajFH8IA6W
74TEA1cwCH+g1EATRC36PGaDtLkvmXmKShPcKJ9Qg0Mvd252Y3Cm44I/LG0YgKvl
8ubfC1KOHpEglrCZ+qxtO/rmhdlVpeKRoXIpYSbevDL3FwVE3o47dyM+sn2zhwsh
XMuYD8EUlr+1T/gBLmeaHO9QlYXevGdbdDoEbWjHGsODAgMBAAGjWzBZMB0GA1Ud
DgQWBBRXLdPEN0n4SiGCE9vPuD7ixTBQADA4BgNVHREEMTAvggppZHAudWhyLnNl
hiFodHRwczovL2lkcC51aHIuc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQEL
BQADggEBAAgp4d1TvLdprgUKZj+S/YBwDyQ70Mr54TLrv8FrVCeHRXOw/piEkGAj
Y/GfKbxP5yeQp3UvoYpEFwXEuXbqhX+ejdZRk9fUwQqlsVbUmd1IUauXSvD4qk4S
qpzLqHNEpcwcGvHpv0c/PLMoYfgAB405kna7V+t9LjBgFgdL+QZTDK5SpG2NLnmq
5J49BaZxgxHMcSoDRjeTbli1DlyPCf1QJWzmgJgbi79+SSou0y/1ncirmk7S2dVo
g55hppBxE4Ch23T/kEHh6GraswLGpCOK/kyDyUA1YVrR8wELO7WBmJrxobTtAFWi
jcs6eH7JlXc3P5b44189qTfCgUMntVg=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEzCCAfugAwIBAgIUCRfcQ0FZIWx4ZsT6g19Z/LZ448MwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAwwKaWRwLnVoci5zZTAeFw0xNjAzMTMwNjEzNDhaFw0zNjAz
MTMwNjEzNDhaMBUxEzARBgNVBAMMCmlkcC51aHIuc2UwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCZnBiK6quMGf57WTvpfoRWHpb5GSP6Xwh1QsXqf8Ws
6uRqFFx7AXe09Vn2BU/yPtZO+Rw0Yb3+eNByUYbz7A5ZIG2vn0nSnryPo4Q8NQsp
p+VKWXzatXefK+xhYzOgla+f/kIM+CcpqkypLHBzFX3jXPYM31i1HJHcLzXn4EWX
GWKWYNVMVWM3h7aXOozWran5iGlZa2bB5Q/1Mfx2JWgdKKqmxv8HrnupdjcDjqQ1
yA1ARH0Mp6MWGBNE9zm/nmNcTxCzHnZiXze2uHH7mH+qc6jWZbYxQ6PEll5FfgMT
DXO4slIx2WYD7cSXLUYrWOfmzNJROOZz7M5p6G21tjzJAgMBAAGjWzBZMB0GA1Ud
DgQWBBQC6Bz+Gh8FN6WyPNNxumKKWHJJ6zA4BgNVHREEMTAvggppZHAudWhyLnNl
hiFodHRwczovL2lkcC51aHIuc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQEL
BQADggEBAAc/D2iocq5hL7n585M10ola3lyuja91giPXv4vDRAqPN9TznKfPhd2v
2uaWzcyyDVZRXfQbEoqwdm+65ijxSUjEXK8vcD/x4m4OMuBqkY7PAbap1za5dAJQ
uKrjCR95Os2KWDdfuglPz5sh73kQwOKXNG/6fOb7LpW7cd2kBfDFuHLJegmK2H9u
IpYvhjyBB62widywr2u8PXudGhkymB1ZArxaGEKKCbt4804ngM9ImYfop6xt4OwD
ejud16QXqp7rWP7ba6tATI9k3Zngi4hP1bjkRJsmGcBIMQHODb4Xi3dft1uGWBdT
slCO9tT9JJLe1hpBFObZDTDY6/rOkuc=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.uhr.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.uhr.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
<!--
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.uhr.se/idp/profile/SAML2/Redirect/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.uhr.se/idp/profile/SAML2/POST/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.uhr.se:8443/idp/profile/SAML2/SOAP/SLO"/>
-->
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.uhr.se/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.uhr.se/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.uhr.se/idp/profile/SAML2/Redirect/SSO"/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
<Extensions>
<shibmd:Scope regexp="false">uhr.se</shibmd:Scope>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEzCCAfugAwIBAgIUQA1fEvobeB0k7/9iU1scJLuj8bgwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAwwKaWRwLnVoci5zZTAeFw0xNjAzMTMwNjEzNDhaFw0zNjAz
MTMwNjEzNDhaMBUxEzARBgNVBAMMCmlkcC51aHIuc2UwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC5UJfJ8igHrENbdVYXCnU7yDb0hilzUW/iuZ9+8sj+
GhtbREGNan0lCf5hEn+ZI7oNL6G9zhwdQxVrSuatcBDd63DHrk+pr7EX0b6x3qba
4N3URVdmDcHz3ot+tdd3uxqofDGep/beUpureqW2AscRspLImvgy4lfEkqA7pKuB
3NQvNDhPjiRIYo2gcQVmEI4uDTiJW9/YlXW8SYZO4Q5vHnJ2gItkD+5iGPRxul27
uGaHeEjFov3e5b17NiqX4naZ7dYWPOK0KvBeHbY83pZqVzh/Dav3piXVkrJC+/MM
1W/j1S0nO1J+vTKFYXD41u5b5+VhNCUKkT8Tb95l+5d9AgMBAAGjWzBZMB0GA1Ud
DgQWBBSKLIlyhvxhCYq4b/P2OGh2Ad1YcjA4BgNVHREEMTAvggppZHAudWhyLnNl
hiFodHRwczovL2lkcC51aHIuc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQEL
BQADggEBAKCFa0xcFkZZE+YXVGiRQ78Npu0fISmo3mJIQNfvX1f47kM3veRPX6c6
kz+yCxdBmsFrzS6GZMASUS8HRApumTzbao/2EPXZIX1a6Fli/TRXhBjSKX3BQYv/
qLXYfwDCHTXzxAXmSInEWrAeGsfWkznub7dJBL6gyVwocrgWIdf5NHujkuYCl6X+
UxtRYjrGjs1FzAJS8b+mlaLELIKBmRMLdknZ/IhTExjiuvhIXnQdgcHRbcyKURQx
fEHqr/LXLAx+9GIvQxcC84F2Wq8+iPCERg0b23gjzPT00sKlHkvEPaft5//b1jcd
jh6Yq3qCCn2Yb+cFUDJT72VDJ7NoDRg=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEzCCAfugAwIBAgIUK85xuzAU41ZIbKm/LJP7YzIXD/gwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAwwKaWRwLnVoci5zZTAeFw0xNjAzMTMwNjEzNDdaFw0zNjAz
MTMwNjEzNDdaMBUxEzARBgNVBAMMCmlkcC51aHIuc2UwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCvNbZH0kfcp0xJ8uVIiBjuRTK2gAmcizSa36WHmsuL
7c6wOx3XNjpMRxr5mA3k5u27sW6/lyGaqMdeQNY2CK6j6oL0hWcLAeRkZh8mRgNS
H8+/FDLKn9+r/IQv4qUxHxvfJquLGotAbD9qcSzQmiqBeHtQTNE5k+5ajFH8IA6W
74TEA1cwCH+g1EATRC36PGaDtLkvmXmKShPcKJ9Qg0Mvd252Y3Cm44I/LG0YgKvl
8ubfC1KOHpEglrCZ+qxtO/rmhdlVpeKRoXIpYSbevDL3FwVE3o47dyM+sn2zhwsh
XMuYD8EUlr+1T/gBLmeaHO9QlYXevGdbdDoEbWjHGsODAgMBAAGjWzBZMB0GA1Ud
DgQWBBRXLdPEN0n4SiGCE9vPuD7ixTBQADA4BgNVHREEMTAvggppZHAudWhyLnNl
hiFodHRwczovL2lkcC51aHIuc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQEL
BQADggEBAAgp4d1TvLdprgUKZj+S/YBwDyQ70Mr54TLrv8FrVCeHRXOw/piEkGAj
Y/GfKbxP5yeQp3UvoYpEFwXEuXbqhX+ejdZRk9fUwQqlsVbUmd1IUauXSvD4qk4S
qpzLqHNEpcwcGvHpv0c/PLMoYfgAB405kna7V+t9LjBgFgdL+QZTDK5SpG2NLnmq
5J49BaZxgxHMcSoDRjeTbli1DlyPCf1QJWzmgJgbi79+SSou0y/1ncirmk7S2dVo
g55hppBxE4Ch23T/kEHh6GraswLGpCOK/kyDyUA1YVrR8wELO7WBmJrxobTtAFWi
jcs6eH7JlXc3P5b44189qTfCgUMntVg=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIDEzCCAfugAwIBAgIUCRfcQ0FZIWx4ZsT6g19Z/LZ448MwDQYJKoZIhvcNAQEL
BQAwFTETMBEGA1UEAwwKaWRwLnVoci5zZTAeFw0xNjAzMTMwNjEzNDhaFw0zNjAz
MTMwNjEzNDhaMBUxEzARBgNVBAMMCmlkcC51aHIuc2UwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCZnBiK6quMGf57WTvpfoRWHpb5GSP6Xwh1QsXqf8Ws
6uRqFFx7AXe09Vn2BU/yPtZO+Rw0Yb3+eNByUYbz7A5ZIG2vn0nSnryPo4Q8NQsp
p+VKWXzatXefK+xhYzOgla+f/kIM+CcpqkypLHBzFX3jXPYM31i1HJHcLzXn4EWX
GWKWYNVMVWM3h7aXOozWran5iGlZa2bB5Q/1Mfx2JWgdKKqmxv8HrnupdjcDjqQ1
yA1ARH0Mp6MWGBNE9zm/nmNcTxCzHnZiXze2uHH7mH+qc6jWZbYxQ6PEll5FfgMT
DXO4slIx2WYD7cSXLUYrWOfmzNJROOZz7M5p6G21tjzJAgMBAAGjWzBZMB0GA1Ud
DgQWBBQC6Bz+Gh8FN6WyPNNxumKKWHJJ6zA4BgNVHREEMTAvggppZHAudWhyLnNl
hiFodHRwczovL2lkcC51aHIuc2UvaWRwL3NoaWJib2xldGgwDQYJKoZIhvcNAQEL
BQADggEBAAc/D2iocq5hL7n585M10ola3lyuja91giPXv4vDRAqPN9TznKfPhd2v
2uaWzcyyDVZRXfQbEoqwdm+65ijxSUjEXK8vcD/x4m4OMuBqkY7PAbap1za5dAJQ
uKrjCR95Os2KWDdfuglPz5sh73kQwOKXNG/6fOb7LpW7cd2kBfDFuHLJegmK2H9u
IpYvhjyBB62widywr2u8PXudGhkymB1ZArxaGEKKCbt4804ngM9ImYfop6xt4OwD
ejud16QXqp7rWP7ba6tATI9k3Zngi4hP1bjkRJsmGcBIMQHODb4Xi3dft1uGWBdT
slCO9tT9JJLe1hpBFObZDTDY6/rOkuc=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.uhr.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
<!-- <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.uhr.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> -->
<!-- If you uncomment the above you should add urn:oasis:names:tc:SAML:2.0:protocol to the protocolSupportEnumeration above -->
</AttributeAuthorityDescriptor>
</md:EntityDescriptor>
|