summaryrefslogtreecommitdiff
path: root/swamid-2.0/mfa-check.swamid.se-shibboleth.xml
blob: 70623202ce269e4a52615ecbc29fe77eb414d29b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://mfa-check.swamid.se/shibboleth">
  <md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2018-03-19T17:31:59Z">
      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <mdattr:EntityAttributes>
      <samla:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
        <samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
      </samla:Attribute>
    </mdattr:EntityAttributes>
  </md:Extensions>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/haka.funet.fi" index="3"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2" index="2"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2" index="5"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/loopback" index="9"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/md.nordu.net" index="7"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nightly.pyff.io" index="6"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nordu.net" index="1"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nordu.net-ADFS" index="10"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/skolfederation" index="4"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/swamid-test" index="8"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/swamid-test-ADFS" index="11"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/haka.funet.fi"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/kalmar2"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/loopback"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/md.nordu.net"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nightly.pyff.io"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nordu.net"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/nordu.net-ADFS"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/skolfederation"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/swamid-test"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/DS/swamid-test-ADFS"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/box-idp.nordu.net"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/box-idp.sunet.se"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/eduid"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/eduid-dev"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/feide"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/idp.funet.fi"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/necs.sll.se"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/openidp"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/socialproxy"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://mfa-check.swamid.se/Shibboleth.sso/Login/unitedid"/>
      <mdui:UIInfo>
        <mdui:DisplayName xml:lang="sv">SWAMIDs MFA IdP-test</mdui:DisplayName>
        <mdui:DisplayName xml:lang="en">SWAMID MFA IdP certification tester</mdui:DisplayName>
        <mdui:Description xml:lang="sv">Verktyg för att testa om en IdP har stöd för MFA</mdui:Description>
        <mdui:Description xml:lang="en">MFA IdP certification testing tool</mdui:Description>
        <mdui:InformationURL xml:lang="sv">https://mfa-check.swamid.se</mdui:InformationURL>
        <mdui:InformationURL xml:lang="en">https://mfa-check.swamid.se</mdui:InformationURL>
        <mdui:Logo xml:lang="en" height="100" width="115">https://release-check.swamid.se/swamid-logo-2-100x115.png</mdui:Logo>
        <mdui:Logo xml:lang="sv" height="100" width="115">https://release-check.swamid.se/swamid-logo-2-100x115.png</mdui:Logo>
        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/SWAMID/SWAMID+Entity+Category+Release+Check+-+Privacy+Policy?showLanguage=en_GB</mdui:PrivacyStatementURL>
        <mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/SWAMID/SWAMID+Entity+Category+Release+Check+-+Privacy+Policy?showLanguage=sv_SE</mdui:PrivacyStatementURL>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor>
      <ds:KeyInfo>
        <ds:KeyName>mfa-check.swamid.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=mfa-check.swamid.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIEADCCAmigAwIBAgIJAOFBwOSVzcRxMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV
BAMTE21mYS1jaGVjay5zd2FtaWQuc2UwHhcNMTgwMzE5MTUyNjU3WhcNMjgwMzE2
MTUyNjU3WjAeMRwwGgYDVQQDExNtZmEtY2hlY2suc3dhbWlkLnNlMIIBojANBgkq
hkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxC1TObwn0hNG1n3ut5qRbFmkdBGS7KSZ
lGrw+eHiUrihLUiQe9953+JwludTIh0AAFcn++uttaxI7zXHqFv4AnmVbKmKPgWv
o3alW1DApZYLqyD48HEFtGvwhy/k5QbdPbc3eNzFyWyy4U9gJSHyojFk2ts+L6Eu
YmQ3XWUpzeUYgM6PjZZY3GKGlFGuMDs2oZVJPcldwge2DM7KBgUTLY+Oym1zLa3G
STHFNR1Etr987PtFyTkqv6nWXGb60aVm6iWVFYhpBNQucSIUFBmnWWoGCNag7C7L
I9NZBLqQbj9KL/C3ApPAXyIM0fvg8ddD/J8/o+RmUZlGJmc6fPBgwK8AfrbtOwQP
T4jy8UGDLcywkWOX1KlMkuHTVppwFLlO/W8SufrzkqgJ+ps8sOYFjQxBh+aOOp3M
XCcxYkZHSftzzTngiebHxDgb8ZIRCR/LYHOSd7pwtbfkBGrOLHi6vPr0uu1H9PGQ
WHSIVkfhaRZbKcRU9xlS67Iss496MEP3AgMBAAGjQTA/MB4GA1UdEQQXMBWCE21m
YS1jaGVjay5zd2FtaWQuc2UwHQYDVR0OBBYEFIHYrpNd2RpoMTQh42sHJ7pHlUmP
MA0GCSqGSIb3DQEBCwUAA4IBgQBCOZlfACODVvZHQ506qaxew/rqxsuffTe4HWjd
M1LLhi1lN3SXhnfi4eW+jQk6ROoj+8AsUzyimLXBK8CKo1iuYwBaJ0asPlwGEUC0
TQfjE8RbclZkhtpI4knLJgQl5Di9qJB1VB3rLjM9HKXIgyzKDWGjLMMz4iGW/ZmC
vihMpqOjBDng82r0Qp1ZI3ByikJ49msIB5iQFyXZYNf8iHLoG5Sb2dK4DIKvOg2S
A1YIRBT+OwkFh3kL3qfQjSqK/uAkMLq6I2URzTa1Np8rlec4S0lISxHTlVg2L7WW
YPmMj/QXztnb6sjhjgGzt/9D5G3M3elIEkwLSU6YDeUaTauX0Ssj21ZnT5lOCqdC
SndOtwDgcsxXOoho8MsCRdPlMn/ROiMJwodbTakQKSbEXbg+XatbOw1AVmiUHgak
wLA3I1NYNdoyC1wPDgTiEZCIfhOuBttCA8jAUv9k5q1P1pQhqCp5FuzLKAudkeJ0
hNW9Egqc9F3KxXMAxHb63SajnOY=
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mfa-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/SOAP"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/Redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/POST"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mfa-check.swamid.se/Shibboleth.sso/SLO/Artifact"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mfa-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/>
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">MFA IdP certification testing tool</md:ServiceName>
      <md:ServiceName xml:lang="sv">SWAMIDs MFA IdP-test</md:ServiceName>
      <md:ServiceDescription xml:lang="en">MFA IdP certification testing tool</md:ServiceDescription>
      <md:ServiceDescription xml:lang="sv">Verktyg för att testa om en IdP har stöd för MFA</md:ServiceDescription>
      <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">The Swedish Research Council</md:OrganizationName>
    <md:OrganizationName xml:lang="sv">Vetenskapsrådet</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
    <md:OrganizationDisplayName xml:lang="sv">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL>
    <md:OrganizationURL xml:lang="sv">http://www.swamid.se</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical">
    <md:Company>SWAMID</md:Company>
    <md:GivenName>SWAMID Operations</md:GivenName>
    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="administrative">
    <md:GivenName>SWAMID Operations</md:GivenName>
    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="support">
    <md:GivenName>SWAMID Operations</md:GivenName>
    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName> Security Response Team</md:GivenName>
    <md:EmailAddress>mailto:abuse@sunet.se</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>