github.com/crewjam/saml@v0.4.14/samlsp/testdata/testshib_metadata.xml (about) 1 <EntitiesDescriptor Name="urn:mace:shibboleth:testshib:two" 2 xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 3 xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" 4 xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> 5 6 <!-- This file contains the metadata for the testing IdP and SP 7 that are operated by TestShib as a service for testing new 8 Shibboleth and SAML providers. --> 9 10 <EntityDescriptor entityID="https://idp.testshib.org/idp/shibboleth"> 11 12 <Extensions> 13 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /> 14 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /> 15 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> 16 <mdalg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 17 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /> 18 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /> 19 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> 20 <mdalg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 21 </Extensions> 22 23 <IDPSSODescriptor 24 protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol"> 25 <Extensions> 26 <shibmd:Scope regexp="false">testshib.org</shibmd:Scope> 27 <mdui:UIInfo> 28 <mdui:DisplayName xml:lang="en">TestShib Test IdP</mdui:DisplayName> 29 <mdui:Description xml:lang="en">TestShib IdP. Use this as a source of attributes 30 for your test SP.</mdui:Description> 31 <mdui:Logo height="88" width="253" 32 >https://www.testshib.org/testshibtwo.jpg</mdui:Logo> 33 </mdui:UIInfo> 34 35 </Extensions> 36 <!-- old signing key 37 <KeyDescriptor> 38 <ds:KeyInfo> 39 <ds:X509Data> 40 <ds:X509Certificate> 41 MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV 42 MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD 43 VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4 44 MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI 45 EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl 46 c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B 47 AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C 48 yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe 49 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT 50 NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614 51 kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH 52 gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G 53 A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86 54 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl 55 bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo 56 aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN 57 BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL 58 I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo 59 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4 60 /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj 61 Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr 62 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA== 63 </ds:X509Certificate> 64 </ds:X509Data> 65 </ds:KeyInfo> 66 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> 67 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> 68 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> 69 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> 70 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> 71 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> 72 </KeyDescriptor> 73 --> 74 75 <!-- new signing key --> 76 <KeyDescriptor> 77 <ds:KeyInfo> 78 <ds:X509Data> 79 <ds:X509Certificate> 80 MIIDAzCCAeugAwIBAgIVAPX0G6LuoXnKS0Muei006mVSBXbvMA0GCSqGSIb3DQEB 81 CwUAMBsxGTAXBgNVBAMMEGlkcC50ZXN0c2hpYi5vcmcwHhcNMTYwODIzMjEyMDU0 82 WhcNMzYwODIzMjEyMDU0WjAbMRkwFwYDVQQDDBBpZHAudGVzdHNoaWIub3JnMIIB 83 IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9C4J2DiRTEhJAWzPt1S3ryh 84 m3M2P3hPpwJwvt2q948vdTUxhhvNMuc3M3S4WNh6JYBs53R+YmjqJAII4ShMGNEm 85 lGnSVfHorex7IxikpuDPKV3SNf28mCAZbQrX+hWA+ann/uifVzqXktOjs6DdzdBn 86 xoVhniXgC8WCJwKcx6JO/hHsH1rG/0DSDeZFpTTcZHj4S9MlLNUtt5JxRzV/MmmB 87 3ObaX0CMqsSWUOQeE4nylSlp5RWHCnx70cs9kwz5WrflnbnzCeHU2sdbNotBEeTH 88 ot6a2cj/pXlRJIgPsrL/4VSicPZcGYMJMPoLTJ8mdy6mpR6nbCmP7dVbCIm/DQID 89 AQABoz4wPDAdBgNVHQ4EFgQUUfaDa2mPi24x09yWp1OFXmZ2GPswGwYDVR0RBBQw 90 EoIQaWRwLnRlc3RzaGliLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEASKKgqTxhqBzR 91 OZ1eVy++si+eTTUQZU4+8UywSKLia2RattaAPMAcXUjO+3cYOQXLVASdlJtt+8QP 92 dRkfp8SiJemHPXC8BES83pogJPYEGJsKo19l4XFJHPnPy+Dsn3mlJyOfAa8RyWBS 93 80u5lrvAcr2TJXt9fXgkYs7BOCigxtZoR8flceGRlAZ4p5FPPxQR6NDYb645jtOT 94 MVr3zgfjP6Wh2dt+2p04LG7ENJn8/gEwtXVuXCsPoSCDx9Y0QmyXTJNdV1aB0AhO 95 RkWPlFYwp+zOyOIR+3m1+pqWFpn0eT/HrxpdKa74FA3R2kq4R7dXe4G0kUgXTdqX 96 MLRKhDgdmA== 97 </ds:X509Certificate> 98 </ds:X509Data> 99 </ds:KeyInfo> 100 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> 101 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> 102 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> 103 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> 104 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> 105 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> 106 </KeyDescriptor> 107 108 <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" 109 Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution" 110 index="1"/> 111 <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 112 Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution" 113 index="2"/> 114 115 <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> 116 <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> 117 118 <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" 119 Location="https://idp.testshib.org/idp/profile/Shibboleth/SSO"/> 120 <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 121 Location="https://idp.testshib.org/idp/profile/SAML2/POST/SSO"/> 122 <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 123 Location="https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO"/> 124 <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 125 Location="https://idp.testshib.org/idp/profile/SAML2/SOAP/ECP"/> 126 127 </IDPSSODescriptor> 128 129 <AttributeAuthorityDescriptor 130 protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> 131 132 <!-- old SSL/TLS 133 <KeyDescriptor> 134 <ds:KeyInfo> 135 <ds:X509Data> 136 <ds:X509Certificate> 137 MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV 138 MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD 139 VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4 140 MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI 141 EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl 142 c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B 143 AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C 144 yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe 145 3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT 146 NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614 147 kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH 148 gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G 149 A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86 150 9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl 151 bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo 152 aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN 153 BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL 154 I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo 155 93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4 156 /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj 157 Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr 158 8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA== 159 </ds:X509Certificate> 160 </ds:X509Data> 161 </ds:KeyInfo> 162 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> 163 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> 164 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> 165 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> 166 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> 167 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> 168 </KeyDescriptor> 169 --> 170 171 <!-- new SSL/TLS --> 172 <KeyDescriptor> 173 <ds:KeyInfo> 174 <ds:X509Data> 175 <ds:X509Certificate> 176 MIIDAzCCAeugAwIBAgIVAPX0G6LuoXnKS0Muei006mVSBXbvMA0GCSqGSIb3DQEB 177 CwUAMBsxGTAXBgNVBAMMEGlkcC50ZXN0c2hpYi5vcmcwHhcNMTYwODIzMjEyMDU0 178 WhcNMzYwODIzMjEyMDU0WjAbMRkwFwYDVQQDDBBpZHAudGVzdHNoaWIub3JnMIIB 179 IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9C4J2DiRTEhJAWzPt1S3ryh 180 m3M2P3hPpwJwvt2q948vdTUxhhvNMuc3M3S4WNh6JYBs53R+YmjqJAII4ShMGNEm 181 lGnSVfHorex7IxikpuDPKV3SNf28mCAZbQrX+hWA+ann/uifVzqXktOjs6DdzdBn 182 xoVhniXgC8WCJwKcx6JO/hHsH1rG/0DSDeZFpTTcZHj4S9MlLNUtt5JxRzV/MmmB 183 3ObaX0CMqsSWUOQeE4nylSlp5RWHCnx70cs9kwz5WrflnbnzCeHU2sdbNotBEeTH 184 ot6a2cj/pXlRJIgPsrL/4VSicPZcGYMJMPoLTJ8mdy6mpR6nbCmP7dVbCIm/DQID 185 AQABoz4wPDAdBgNVHQ4EFgQUUfaDa2mPi24x09yWp1OFXmZ2GPswGwYDVR0RBBQw 186 EoIQaWRwLnRlc3RzaGliLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEASKKgqTxhqBzR 187 OZ1eVy++si+eTTUQZU4+8UywSKLia2RattaAPMAcXUjO+3cYOQXLVASdlJtt+8QP 188 dRkfp8SiJemHPXC8BES83pogJPYEGJsKo19l4XFJHPnPy+Dsn3mlJyOfAa8RyWBS 189 80u5lrvAcr2TJXt9fXgkYs7BOCigxtZoR8flceGRlAZ4p5FPPxQR6NDYb645jtOT 190 MVr3zgfjP6Wh2dt+2p04LG7ENJn8/gEwtXVuXCsPoSCDx9Y0QmyXTJNdV1aB0AhO 191 RkWPlFYwp+zOyOIR+3m1+pqWFpn0eT/HrxpdKa74FA3R2kq4R7dXe4G0kUgXTdqX 192 MLRKhDgdmA== 193 </ds:X509Certificate> 194 </ds:X509Data> 195 </ds:KeyInfo> 196 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> 197 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" /> 198 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> 199 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> 200 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> 201 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> 202 </KeyDescriptor> 203 204 <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" 205 Location="https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> 206 <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 207 Location="https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> 208 209 <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> 210 <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> 211 212 </AttributeAuthorityDescriptor> 213 214 <Organization> 215 <OrganizationName xml:lang="en">TestShib Two Identity Provider</OrganizationName> 216 <OrganizationDisplayName xml:lang="en">TestShib Two</OrganizationDisplayName> 217 <OrganizationURL xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL> 218 </Organization> 219 <ContactPerson contactType="technical"> 220 <GivenName>Nate</GivenName> 221 <SurName>Klingenstein</SurName> 222 <EmailAddress>ndk@internet2.edu</EmailAddress> 223 </ContactPerson> 224 </EntityDescriptor> 225 226 <!-- = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = --> 227 <!-- Metadata for SP.TESTSHIB.ORG --> 228 <!-- = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = --> 229 230 <EntityDescriptor entityID="https://sp.testshib.org/shibboleth-sp"> 231 232 <Extensions> 233 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> 234 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> 235 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 236 <mdalg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> 237 <mdalg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> 238 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> 239 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> 240 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> 241 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> 242 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> 243 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> 244 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> 245 <mdalg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> 246 <mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> 247 <mdalg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 248 <mdalg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> 249 </Extensions> 250 251 252 <!-- An SP supporting SAML 1 and 2 contains this element with protocol support as shown. --> 253 <SPSSODescriptor 254 protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol http://schemas.xmlsoap.org/ws/2003/07/secext"> 255 256 <Extensions> 257 <!-- A request initiator at /Testshib that you can use to customize authentication requests issued to your IdP by TestShib. --> 258 <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.testshib.org/Shibboleth.sso/TestShib"/> 259 260 <mdui:UIInfo> 261 <mdui:DisplayName xml:lang="en">TestShib Test SP</mdui:DisplayName> 262 <mdui:Description xml:lang="en">TestShib SP. Log into this to test your machine. 263 Once logged in check that all attributes that you expected have been 264 released.</mdui:Description> 265 <mdui:Logo height="88" width="253">https://www.testshib.org/testshibtwo.jpg</mdui:Logo> 266 </mdui:UIInfo> 267 </Extensions> 268 269 <KeyDescriptor> 270 <ds:KeyInfo> 271 <ds:X509Data> 272 <ds:X509Certificate> 273 MIIEPjCCAyagAwIBAgIBADANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJVUzEV 274 MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMSIwIAYD 275 VQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQDEw9zcC50ZXN0 276 c2hpYi5vcmcwHhcNMDYwODMwMjEyNDM5WhcNMTYwODI3MjEyNDM5WjB3MQswCQYD 277 VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1 278 cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRgwFgYDVQQD 279 Ew9zcC50ZXN0c2hpYi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB 280 AQDJyR6ZP6MXkQ9z6RRziT0AuCabDd3x1m7nLO9ZRPbr0v1LsU+nnC363jO8nGEq 281 sqkgiZ/bSsO5lvjEt4ehff57ERio2Qk9cYw8XCgmYccVXKH9M+QVO1MQwErNobWb 282 AjiVkuhWcwLWQwTDBowfKXI87SA7KR7sFUymNx5z1aoRvk3GM++tiPY6u4shy8c7 283 vpWbVfisfTfvef/y+galxjPUQYHmegu7vCbjYP3On0V7/Ivzr+r2aPhp8egxt00Q 284 XpilNai12LBYV3Nv/lMsUzBeB7+CdXRVjZOHGuQ8mGqEbsj8MBXvcxIKbcpeK5Zi 285 JCVXPfarzuriM1G5y5QkKW+LAgMBAAGjgdQwgdEwHQYDVR0OBBYEFKB6wPDxwYrY 286 StNjU5P4b4AjBVQVMIGhBgNVHSMEgZkwgZaAFKB6wPDxwYrYStNjU5P4b4AjBVQV 287 oXukeTB3MQswCQYDVQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYD 288 VQQHEwpQaXR0c2J1cmdoMSIwIAYDVQQKExlUZXN0U2hpYiBTZXJ2aWNlIFByb3Zp 289 ZGVyMRgwFgYDVQQDEw9zcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN 290 BgkqhkiG9w0BAQUFAAOCAQEAc06Kgt7ZP6g2TIZgMbFxg6vKwvDL0+2dzF11Onpl 291 5sbtkPaNIcj24lQ4vajCrrGKdzHXo9m54BzrdRJ7xDYtw0dbu37l1IZVmiZr12eE 292 Iay/5YMU+aWP1z70h867ZQ7/7Y4HW345rdiS6EW663oH732wSYNt9kr7/0Uer3KD 293 9CuPuOidBacospDaFyfsaJruE99Kd6Eu/w5KLAGG+m0iqENCziDGzVA47TngKz2v 294 PVA+aokoOyoz3b53qeti77ijatSEoKjxheBWpO+eoJeGq/e49Um3M2ogIX/JAlMa 295 Inh+vYSYngQB2sx9LGkR9KHaMKNIGCDehk93Xla4pWJx1w== 296 </ds:X509Certificate> 297 </ds:X509Data> 298 </ds:KeyInfo> 299 <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> 300 <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> 301 <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> 302 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> 303 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> 304 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> 305 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> 306 <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> 307 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> 308 </KeyDescriptor> 309 310 <!-- This tells IdPs that Single Logout is supported and where/how to request it. --> 311 312 <SingleLogoutService Location="https://sp.testshib.org/Shibboleth.sso/SLO/SOAP" 313 Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/> 314 <SingleLogoutService Location="https://sp.testshib.org/Shibboleth.sso/SLO/Redirect" 315 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/> 316 <SingleLogoutService Location="https://sp.testshib.org/Shibboleth.sso/SLO/POST" 317 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/> 318 <SingleLogoutService Location="https://sp.testshib.org/Shibboleth.sso/SLO/Artifact" 319 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"/> 320 321 322 <!-- This tells IdPs that you only need transient identifiers. --> 323 <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> 324 <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> 325 326 <!-- 327 This tells IdPs where and how to send authentication assertions. Mostly 328 the SP will tell the IdP what location to use in its request, but this 329 is how the IdP validates the location and also figures out which 330 SAML version/binding to use. 331 --> 332 333 <AssertionConsumerService index="1" isDefault="true" 334 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 335 Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST"/> 336 <AssertionConsumerService index="2" 337 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" 338 Location="https://sp.testshib.org/Shibboleth.sso/SAML2/POST-SimpleSign"/> 339 <AssertionConsumerService index="3" 340 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" 341 Location="https://sp.testshib.org/Shibboleth.sso/SAML2/Artifact"/> 342 <AssertionConsumerService index="4" 343 Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" 344 Location="https://sp.testshib.org/Shibboleth.sso/SAML/POST"/> 345 <AssertionConsumerService index="5" 346 Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" 347 Location="https://sp.testshib.org/Shibboleth.sso/SAML/Artifact"/> 348 <AssertionConsumerService index="6" 349 Binding="http://schemas.xmlsoap.org/ws/2003/07/secext" 350 Location="https://sp.testshib.org/Shibboleth.sso/ADFS"/> 351 352 <!-- A couple additional assertion consumers for the registration webapp. --> 353 354 <AssertionConsumerService index="7" 355 Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 356 Location="https://www.testshib.org/Shibboleth.sso/SAML2/POST"/> 357 <AssertionConsumerService index="8" 358 Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" 359 Location="https://www.testshib.org/Shibboleth.sso/SAML/POST"/> 360 361 </SPSSODescriptor> 362 363 <!-- This is just information about the entity in human terms. --> 364 <Organization> 365 <OrganizationName xml:lang="en">TestShib Two Service Provider</OrganizationName> 366 <OrganizationDisplayName xml:lang="en">TestShib Two</OrganizationDisplayName> 367 <OrganizationURL xml:lang="en">http://www.testshib.org/testshib-two/</OrganizationURL> 368 </Organization> 369 <ContactPerson contactType="technical"> 370 <GivenName>Nate</GivenName> 371 <SurName>Klingenstein</SurName> 372 <EmailAddress>ndk@internet2.edu</EmailAddress> 373 </ContactPerson> 374 375 </EntityDescriptor> 376 377 378 </EntitiesDescriptor>