SAML 2.0 SP Metadata
SimpleSAMLphp har har genererat följande metadata. För att sätta upp en betrodd federation kan du skicka metadata till de parter du har förtroende för.
Du kan hämta metadata i XML-format på dedicerad URL:
https://demosp.sanet.sk/simplesaml/module.php/saml/sp/metadata.php/test-safeid
Metadata
I SAML 2.0 Metadata XML-format:
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://demosp.sanet.sk/sp">
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol" AuthnRequestsSigned="true">
<md:Extensions>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="en">SANET Demo Service</mdui:DisplayName>
<mdui:DisplayName xml:lang="sk">SANET demo služba</mdui:DisplayName>
<mdui:Description xml:lang="en">A demo Service Provider for the SAML2 based Identity Federation</mdui:Description>
<mdui:Description xml:lang="sk">Demo služba pre SAML2 federáciu identít</mdui:Description>
<mdui:InformationURL xml:lang="sk">https://demosp.sanet.sk/simplesaml/module.php/core/authenticate.php?language=cs</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">https://demosp.sanet.sk/simplesaml/module.php/core/authenticate.php?language=en</mdui:InformationURL>
<mdui:Logo width="224" height="166">https://demosp.sanet.sk/simplesaml/resources/logo/sanetlogo_sk.gif</mdui:Logo>
<mdui:Logo width="224" height="166" xml:lang="en">https://demosp.sanet.sk/simplesaml/resources/logo/sanetlogo.gif</mdui:Logo>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIDzzCCAregAwIBAgIJAOK2dcApb2tGMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlNLMRMwEQYDVQQIDApCcmF0aXNsYXZhMRMwEQYDVQQHDApCcmF0aXNsYXZhMQ4wDAYDVQQKDAVTQU5FVDEYMBYGA1UEAwwPZGVtb3NwLnNhbmV0LnNrMRswGQYJKoZIhvcNAQkBFgxub2NAdWFrb20uc2swHhcNMTYwNDA5MDkwNDUyWhcNMjYwNDA5MDkwNDUyWjB+MQswCQYDVQQGEwJTSzETMBEGA1UECAwKQnJhdGlzbGF2YTETMBEGA1UEBwwKQnJhdGlzbGF2YTEOMAwGA1UECgwFU0FORVQxGDAWBgNVBAMMD2RlbW9zcC5zYW5ldC5zazEbMBkGCSqGSIb3DQEJARYMbm9jQHVha29tLnNrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSqqmD2UO+Nw7wzMZvK3EQUL1cAPRPvgttg+jE5dzVT3BbE6tTsyBrYc+u4BS2dJJBmJvlyGr5xmK5kf7k3TcfIWz+Vf/uw9q8w3YouweQrbJ/95nxOZZScRCA3K9KJuynisA8hEHihc7zBTD9HR7QuqoejEbSMnVm+m/HoM1Se37Yp2EPE0YZiWfFduqe+Vd9yrVFm5VlFjbq2bOO9nOGL3T82lvoNl7OOJhb1amvynpg1bzDN68XHyTKJKNaywdo/ww9xTb7DYyEW6pSin0IHW7O0C/PpPpVS0ZcJ4LJu7TuaaupYW1x078tbGfM9xt8dEfSH78I0ZsdFeo15QKwIDAQABo1AwTjAdBgNVHQ4EFgQUVcxDwS4DllsblJbXZiB+t+3WKfUwHwYDVR0jBBgwFoAUVcxDwS4DllsblJbXZiB+t+3WKfUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMWLnH57Y2mE8B36EM1VTAwJku0S27Ic1IiWApaOigpr9Vnnw5RXLzyjFBZ5wQutU3VDdSF0eTChedFOY9ZAv822O4mGnFnAjyQGpwGuR5orbeKq/FZBqm+O+elh8I3dktPnCsqJJQEBrStLrfKfynhXuL0OUmgChw2VdNa+pIyppTAmAL9c07yk2DfGg8D5rqNwNoxSLinOgZLUfOUnT7ecxnelspmItZeLbIZ4W3JzsNr3/3ux1GTWQ3DAxGRFkc6k9GDJEr55lmMnWMnG8wmqrC3Tp7qFpbqDjXfOxz9x1wUaHt02HfUKJVudcJCS6sbrE+pE+zKr2vTG+UESk0A==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIDzzCCAregAwIBAgIJAOK2dcApb2tGMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlNLMRMwEQYDVQQIDApCcmF0aXNsYXZhMRMwEQYDVQQHDApCcmF0aXNsYXZhMQ4wDAYDVQQKDAVTQU5FVDEYMBYGA1UEAwwPZGVtb3NwLnNhbmV0LnNrMRswGQYJKoZIhvcNAQkBFgxub2NAdWFrb20uc2swHhcNMTYwNDA5MDkwNDUyWhcNMjYwNDA5MDkwNDUyWjB+MQswCQYDVQQGEwJTSzETMBEGA1UECAwKQnJhdGlzbGF2YTETMBEGA1UEBwwKQnJhdGlzbGF2YTEOMAwGA1UECgwFU0FORVQxGDAWBgNVBAMMD2RlbW9zcC5zYW5ldC5zazEbMBkGCSqGSIb3DQEJARYMbm9jQHVha29tLnNrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSqqmD2UO+Nw7wzMZvK3EQUL1cAPRPvgttg+jE5dzVT3BbE6tTsyBrYc+u4BS2dJJBmJvlyGr5xmK5kf7k3TcfIWz+Vf/uw9q8w3YouweQrbJ/95nxOZZScRCA3K9KJuynisA8hEHihc7zBTD9HR7QuqoejEbSMnVm+m/HoM1Se37Yp2EPE0YZiWfFduqe+Vd9yrVFm5VlFjbq2bOO9nOGL3T82lvoNl7OOJhb1amvynpg1bzDN68XHyTKJKNaywdo/ww9xTb7DYyEW6pSin0IHW7O0C/PpPpVS0ZcJ4LJu7TuaaupYW1x078tbGfM9xt8dEfSH78I0ZsdFeo15QKwIDAQABo1AwTjAdBgNVHQ4EFgQUVcxDwS4DllsblJbXZiB+t+3WKfUwHwYDVR0jBBgwFoAUVcxDwS4DllsblJbXZiB+t+3WKfUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMWLnH57Y2mE8B36EM1VTAwJku0S27Ic1IiWApaOigpr9Vnnw5RXLzyjFBZ5wQutU3VDdSF0eTChedFOY9ZAv822O4mGnFnAjyQGpwGuR5orbeKq/FZBqm+O+elh8I3dktPnCsqJJQEBrStLrfKfynhXuL0OUmgChw2VdNa+pIyppTAmAL9c07yk2DfGg8D5rqNwNoxSLinOgZLUfOUnT7ecxnelspmItZeLbIZ4W3JzsNr3/3ux1GTWQ3DAxGRFkc6k9GDJEr55lmMnWMnG8wmqrC3Tp7qFpbqDjXfOxz9x1wUaHt02HfUKJVudcJCS6sbrE+pE+zKr2vTG+UESk0A==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml2-logout.php/test-safeid"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml2-acs.php/test-safeid" index="0"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml1-acs.php/test-safeid" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml2-acs.php/test-safeid" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml1-acs.php/test-safeid/artifact" index="3"/>
<md:AttributeConsumingService index="0">
<md:ServiceName xml:lang="en">SANET Demo Service</md:ServiceName>
<md:ServiceName xml:lang="sk">SANET demo služba</md:ServiceName>
<md:ServiceDescription xml:lang="en">A demo Service Provider for the SAML2 based Identity Federation</md:ServiceDescription>
<md:ServiceDescription xml:lang="sk">Demo služba pre SAML2 federáciu identít</md:ServiceDescription>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonAffiliation"/>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName"/>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonTargetedID"/>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonEntitlement"/>
<md:RequestedAttribute Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="displayName"/>
<md:RequestedAttribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName"/>
<md:RequestedAttribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn"/>
<md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail"/>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.25178.1.2.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="schacHomeOrganization"/>
<md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.25178.1.2.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="schacHomeOrganizationType"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">SANET</md:OrganizationName>
<md:OrganizationName xml:lang="sk">SANET</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">SANET</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="sk">SANET</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">http://www.sanet.sk/</md:OrganizationURL>
<md:OrganizationURL xml:lang="sk">http://www.sanet.sk/</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>UAKOM</md:GivenName>
<md:SurName>NOC</md:SurName>
<md:EmailAddress>mailto:noc@uakom.sk</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
I filformatet för simpleSAML, använd detta detta format om SimpleSAMLphp används i mottagende sida:
$metadata['https://demosp.sanet.sk/sp'] = array (
'SingleLogoutService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml2-logout.php/test-safeid',
),
),
'AssertionConsumerService' =>
array (
0 =>
array (
'index' => 0,
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml2-acs.php/test-safeid',
),
1 =>
array (
'index' => 1,
'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
'Location' => 'https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml1-acs.php/test-safeid',
),
2 =>
array (
'index' => 2,
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
'Location' => 'https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml2-acs.php/test-safeid',
),
3 =>
array (
'index' => 3,
'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
'Location' => 'https://demosp.sanet.sk/simplesaml/module.php/saml/sp/saml1-acs.php/test-safeid/artifact',
),
),
'name' =>
array (
'en' => 'SANET Demo Service',
'sk' => 'SANET demo služba',
),
'attributes' =>
array (
0 => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1',
1 => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.9',
2 => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
3 => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10',
4 => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.7',
5 => 'urn:oid:2.16.840.1.113730.3.1.241',
6 => 'urn:oid:2.5.4.42',
7 => 'urn:oid:2.5.4.4',
8 => 'urn:oid:0.9.2342.19200300.100.1.3',
9 => 'urn:oid:1.3.6.1.4.1.25178.1.2.9',
10 => 'urn:oid:1.3.6.1.4.1.25178.1.2.10',
),
'description' =>
array (
'en' => 'A demo Service Provider for the SAML2 based Identity Federation',
'sk' => 'Demo služba pre SAML2 federáciu identít',
),
'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
'OrganizationName' =>
array (
'en' => 'SANET',
'sk' => 'SANET',
),
'OrganizationDisplayName' =>
array (
'en' => 'SANET',
'sk' => 'SANET',
),
'OrganizationURL' =>
array (
'en' => 'http://www.sanet.sk/',
'sk' => 'http://www.sanet.sk/',
),
'contacts' =>
array (
0 =>
array (
'emailAddress' => 'mailto:noc@uakom.sk',
'contactType' => 'technical',
'givenName' => 'UAKOM',
'surName' => 'NOC',
),
),
'certData' => 'MIIDzzCCAregAwIBAgIJAOK2dcApb2tGMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlNLMRMwEQYDVQQIDApCcmF0aXNsYXZhMRMwEQYDVQQHDApCcmF0aXNsYXZhMQ4wDAYDVQQKDAVTQU5FVDEYMBYGA1UEAwwPZGVtb3NwLnNhbmV0LnNrMRswGQYJKoZIhvcNAQkBFgxub2NAdWFrb20uc2swHhcNMTYwNDA5MDkwNDUyWhcNMjYwNDA5MDkwNDUyWjB+MQswCQYDVQQGEwJTSzETMBEGA1UECAwKQnJhdGlzbGF2YTETMBEGA1UEBwwKQnJhdGlzbGF2YTEOMAwGA1UECgwFU0FORVQxGDAWBgNVBAMMD2RlbW9zcC5zYW5ldC5zazEbMBkGCSqGSIb3DQEJARYMbm9jQHVha29tLnNrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSqqmD2UO+Nw7wzMZvK3EQUL1cAPRPvgttg+jE5dzVT3BbE6tTsyBrYc+u4BS2dJJBmJvlyGr5xmK5kf7k3TcfIWz+Vf/uw9q8w3YouweQrbJ/95nxOZZScRCA3K9KJuynisA8hEHihc7zBTD9HR7QuqoejEbSMnVm+m/HoM1Se37Yp2EPE0YZiWfFduqe+Vd9yrVFm5VlFjbq2bOO9nOGL3T82lvoNl7OOJhb1amvynpg1bzDN68XHyTKJKNaywdo/ww9xTb7DYyEW6pSin0IHW7O0C/PpPpVS0ZcJ4LJu7TuaaupYW1x078tbGfM9xt8dEfSH78I0ZsdFeo15QKwIDAQABo1AwTjAdBgNVHQ4EFgQUVcxDwS4DllsblJbXZiB+t+3WKfUwHwYDVR0jBBgwFoAUVcxDwS4DllsblJbXZiB+t+3WKfUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMWLnH57Y2mE8B36EM1VTAwJku0S27Ic1IiWApaOigpr9Vnnw5RXLzyjFBZ5wQutU3VDdSF0eTChedFOY9ZAv822O4mGnFnAjyQGpwGuR5orbeKq/FZBqm+O+elh8I3dktPnCsqJJQEBrStLrfKfynhXuL0OUmgChw2VdNa+pIyppTAmAL9c07yk2DfGg8D5rqNwNoxSLinOgZLUfOUnT7ecxnelspmItZeLbIZ4W3JzsNr3/3ux1GTWQ3DAxGRFkc6k9GDJEr55lmMnWMnG8wmqrC3Tp7qFpbqDjXfOxz9x1wUaHt02HfUKJVudcJCS6sbrE+pE+zKr2vTG+UESk0A==',
'redirect.validate' => true,
);
Copyright © 2007-2019