diff --git a/metadata-templates/xml/saml20-hosted.xml b/metadata-templates/xml/saml20-hosted.xml
new file mode 100644
index 0000000000000000000000000000000000000000..f304ea10ce1b358cf1ed0dc0fd4ce4833f68cad9
--- /dev/null
+++ b/metadata-templates/xml/saml20-hosted.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<EntitiesDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata ../../Users/andreas/Documents/UNINETT/AAISpecs/SAML-2.0/saml-schema-metadata-2.0.xsd"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+
+
+ <EntityDescriptor entityID="dev2.andreas.feide.no">
+ <IDPSSODescriptor WantAuthnRequestsSigned="false"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:host">
+ <AttributeValue>dev2.andreas.feide.no</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:privatekey">
+ <AttributeValue>server.pem</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:certificate">
+ <AttributeValue>server.crt</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:auth">
+ <AttributeValue>auth/login-ldapmulti.php</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:requireconsent">
+ <AttributeValue>false</AttributeValue>
+ </Attribute>
+ </Extensions>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://"/>
+ </IDPSSODescriptor>
+ </EntityDescriptor>
+
+
+ <EntityDescriptor entityID="dev.andreas.feide.no">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:host">
+ <AttributeValue>dev.andreas.feide.no</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:ForceAuthn">
+ <AttributeValue>false</AttributeValue>
+ </Attribute>
+ </Extensions>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService index="1" Binding="sdf" Location="http://"/>
+ </SPSSODescriptor>
+
+ </EntityDescriptor>
+
+
+
+</EntitiesDescriptor>
diff --git a/metadata-templates/xml/saml20-remote.xml b/metadata-templates/xml/saml20-remote.xml
new file mode 100644
index 0000000000000000000000000000000000000000..02ef317536592aace6a5b11399b02db06359e94f
--- /dev/null
+++ b/metadata-templates/xml/saml20-remote.xml
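Review bot: The `xsi:schemaLocation` on the root element of saml20-hosted.xml points at a path inside one developer's home directory (`../../Users/andreas/Documents/UNINETT/AAISpecs/SAML-2.0/saml-schema-metadata-2.0.xsd`), which will not resolve for anyone else and, where a validating parser honours the hint, lets the document choose which schema file is loaded; saml20-remote.xml carries a similar path. Dropping the attribute and validating against a schema the consumer ships itself is the safer default for a template. In the SP entry, `Binding="sdf"` is not a SAML binding URI and `Location="http://"` defaults the assertion consumer endpoint to plain HTTP; `<AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://"/>` would match the binding used in saml20-remote.xml and keep the template on TLS, as the IdP's `SingleSignOnService` placeholder already does.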
@@ -0,0 +1,176 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<EntitiesDescriptor xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata ../Documents/UNINETT/AAISpecs/SAML-2.0/saml-schema-metadata-2.0.xsd"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+
+ <EntityDescriptor entityID="max.feide.no">
+ <IDPSSODescriptor WantAuthnRequestsSigned="false"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:base64attributes">
+ <AttributeValue>true</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:name">
+ <AttributeValue>Feide test environment (max.feide.no) (extensions)</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:description">
+ <AttributeValue>This is the test enviornment of Feide.</AttributeValue>
+ </Attribute>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB/jCCAWcCBEbzjNswDQYJKoZIhvcNAQEFBQAwRjELMAkGA1UEBhMCTk8xEDAOBgNVBAoTB1VO
+ SU5FVFQxDjAMBgNVBAsTBUZlaWRlMRUwEwYDVQQDEwxtYXguZmVpZGUubm8wHhcNMDcwOTIxMDky
+ MDI3WhcNMDcxMjIwMDkyMDI3WjBGMQswCQYDVQQGEwJOTzEQMA4GA1UEChMHVU5JTkVUVDEOMAwG
+ A1UECxMFRmVpZGUxFTATBgNVBAMTDG1heC5mZWlkZS5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+ gYkCgYEAvZlBzQ2jGM6Q9STBJ6tqtugkOBMEU/kpvvwOlT6c1X5UIXMwApL+NV2Eaqk+oA0N+M42
+ J7Sy0dLDqKVCwsh7qpsIYlDS/omyUMdy6AzvptRUUhLLhC6zQFFAU+6rcUKEiSkER5eziB4M3ae0
+ EkW0drm1rOZwb22tr8NJ65q3gnsCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCmVSta9TWin/wvvGOi
+ e8Cq7cEg0MJLkBWLofNNzrzh6hiQgfuz9KMom/kh9JuGEjyE7rIDbXp2ilxSHgZSaVfEkwnMfQ51
+ vuHUrtRolD/skysIocm+HJKbsmPMjSRfUFyzBh4RNjPoCvZvTdnyBfMP/i/H39njAdBRi+49aopc
+ vw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">urn:mace:feide.no:services:no.feide</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Feide test environment (max.feide.no) (organization)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uninett.no</OrganizationURL>
+ </Organization>
+
+ <ArtifactResolutionService index="0" isDefault="true"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://max.feide.no/amserver/ArtifactResolver/metaAlias/idp"/>
+
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://max.feide.no/amserver/IDPSloRedirect/metaAlias/idp"
+ ResponseLocation="https://max.feide.no/amserver/IDPSloRedirect/metaAlias/idp"/>
+
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://max.feide.no/amserver/IDPSloSoap/metaAlias/idp"/>
+
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://max.feide.no/amserver/IDPMniRedirect/metaAlias/idp"
+ ResponseLocation="https://max.feide.no/amserver/IDPMniRedirect/metaAlias/idp"/>
+
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://max.feide.no/amserver/IDPMniSoap/metaAlias/idp"/>
+
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://max.feide.no/amserver/SSORedirect/metaAlias/idp"/>
+
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="https://max.feide.no/amserver/SSOSoap/metaAlias/idp"/>
+
+
+
+
+ </IDPSSODescriptor>
+ </EntityDescriptor>
+
+
+
+ <EntityDescriptor entityID="dev2.andreas.feide.no">
+ <IDPSSODescriptor WantAuthnRequestsSigned="false"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:base64attributes">
+ <AttributeValue>true</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:name">
+ <AttributeValue>Feide SAML 2.0 test IdP (dev2.andreas.feide.no)</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:mace:feide.no:simplesamlphp:description">
+ <AttributeValue>This is the test server of Andreas on his laptop.</AttributeValue>
+ </Attribute>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMC
+Tk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYD
+VQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG
+9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4
+MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xi
+ZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2Zl
+aWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5v
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LO
+NoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHIS
+KOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d
+1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8
+BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7n
+bK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2Qar
+Q4/67OZfHd7R+POBXhophSMv1ZOo</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://dev2.andreas.feide.no/simplesaml/saml2/idp/SingleLogoutService.php"
+ ResponseLocation="http://dev2.andreas.feide.no/simplesaml/saml2/idp/SingleLogoutService.php"/>
+
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://dev2.andreas.feide.no/simplesaml/saml2/idp/SSOService.php"/>
+
+ </IDPSSODescriptor>
+ </EntityDescriptor>
+
+
+
+
+ <EntityDescriptor entityID="dev.andreas.feide.no">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:host">
+ <AttributeValue>dev.andreas.feide.no</AttributeValue>
+ </Attribute>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:spnamequalifier">
+ <AttributeValue>dev.andreas.feide.no</AttributeValue>
+ </Attribute>
+
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:base64attributes">
+ <AttributeValue>true</AttributeValue>
+ </Attribute>
+
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:simplesaml.attributes">
+ <AttributeValue>true</AttributeValue>
+ </Attribute>
+
+ <!-- Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Name="urn:mace:feide.no:simplesamlphp:attributes">
+ <AttributeValue>attributes</AttributeValue>
+ </Attribute -->
+
+ </Extensions>
+
+ <Organization>
+ <OrganizationName xml:lang="en">dev.andreas.feide.no</OrganizationName>
+ <OrganizationDisplayName xml:lang="en ">Feide andreas.dev.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://feide.no</OrganizationURL>
+ </Organization>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://dev.andreas.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php"/>
+
+ <SingleLogoutService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://dev.andreas.feide.no/simplesaml/saml2/sp/SingleLogoutService.php"/>
+
+ </SPSSODescriptor>
+
+ </EntityDescriptor>
+
+
+</EntitiesDescriptor>
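Review bot: The `dev2.andreas.feide.no` and `dev.andreas.feide.no` entries in saml20-remote.xml publish their single sign-on, logout and assertion-consumer endpoints with `http://` locations, so authentication requests and the HTTP-POST response carrying the assertion would travel unencrypted; the `max.feide.no` entry already uses `https://` for every endpoint. For a template the safer default is `Location="https://dev.andreas.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php"`, with the other four `http://` locations changed the same way. The file also ships real `<ds:X509Certificate>` values for test hosts under `KeyDescriptor use="signing"`, and a deployment that copies the template unchanged would accept assertions signed with those test keys. A comment above each `KeyDescriptor`, for example `<!-- Example only: replace with the signing certificate of your own IdP -->`, would make that explicit.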