SAML 2.0 IdP metadata

Her er metadata som SimpleSAMLphp har generert for deg. Du må utveksle metadata med de partene du stoler på for å sette opp en føderasjon.

Du kan nå metadata i XML-format på en dedikert URL:

https://kaguya-system-saml.work/saml/saml2/idp/metadata.php

Metadata

I SAML 2.0 Metadata XML Format:

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://kaguya-system-saml.work/saml/saml2/idp/metadata.php">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDMzCCAhugAwIBAgIJALVOccbhOSK+MA0GCSqGSIb3DQEBCwUAMDAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTYWl0YW1hMQ8wDQYDVQQDDAZrYWd1eWEwHhcNMjAwODI4MDcwMjAwWhcNMzAwODI4MDcwMjAwWjAwMQswCQYDVQQGEwJKUDEQMA4GA1UECAwHU2FpdGFtYTEPMA0GA1UEAwwGa2FndXlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0kiALPK50saMK5wJYROa9Jo0G67Op7uKzj/IjLz/gr7d0bSl/cYA8fYAWLK1UjRyGiOp4FNZU5clR1ReG88jF934uoxwZMT/29dR3KL0Obs2bkTzPEbfBk7n8CCPlFAwpRsKqlH+FYBSyjmRuD6TENgjNHB+cGhLl/vb+iQuTtg7KRMR36+yfBlsTGgeHh6BFMaxEy84+Y1wi/UpUBUqvEu00XcfMEEilwRuxj2JDflO+54AYZ86KieDQQZSK7hmDa8MW28Cx5Jgzzmzc3qxCy2VfdfrlTL5jrp1d2nEni7DACy0AsPM8z7Buip9g1KMmmqbRoEgbYn5TfcUJiTWQIDAQABo1AwTjAdBgNVHQ4EFgQULE93ehjgK0QgcucIrsJHcyqBgpcwHwYDVR0jBBgwFoAULE93ehjgK0QgcucIrsJHcyqBgpcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMsJqdW+3F5cvq7lNo9XP2haf3JqH3wpk0VoLEd7OG6CIxkkV4AtkIP5YJBbVehlrLsBkeV8IOocc7+SMoFPNKC5QjcNfAg8SYuAanu4yWEZSUT9tHWukWqPKTPkaJGlr5lf2GskOO+2bTwVInA1JRR1J936i4nb2aZFQBrZm6mXbThlhMW1vVMddaFctg1hqnc26CGIOvytjBr46aOE/Wt5VSEGuwYuGPaZ4B1nGysOGJq/wZDyRaBzefmk1Yyr+ktN8/ch5zqGRdSk8BvInT1iJXBcRgfr5gqYFq4FMV7c3rjDD/5VCtq1mT+9gFYvlDApIjSWL61PYwaNa1SvgYA==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDMzCCAhugAwIBAgIJALVOccbhOSK+MA0GCSqGSIb3DQEBCwUAMDAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTYWl0YW1hMQ8wDQYDVQQDDAZrYWd1eWEwHhcNMjAwODI4MDcwMjAwWhcNMzAwODI4MDcwMjAwWjAwMQswCQYDVQQGEwJKUDEQMA4GA1UECAwHU2FpdGFtYTEPMA0GA1UEAwwGa2FndXlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0kiALPK50saMK5wJYROa9Jo0G67Op7uKzj/IjLz/gr7d0bSl/cYA8fYAWLK1UjRyGiOp4FNZU5clR1ReG88jF934uoxwZMT/29dR3KL0Obs2bkTzPEbfBk7n8CCPlFAwpRsKqlH+FYBSyjmRuD6TENgjNHB+cGhLl/vb+iQuTtg7KRMR36+yfBlsTGgeHh6BFMaxEy84+Y1wi/UpUBUqvEu00XcfMEEilwRuxj2JDflO+54AYZ86KieDQQZSK7hmDa8MW28Cx5Jgzzmzc3qxCy2VfdfrlTL5jrp1d2nEni7DACy0AsPM8z7Buip9g1KMmmqbRoEgbYn5TfcUJiTWQIDAQABo1AwTjAdBgNVHQ4EFgQULE93ehjgK0QgcucIrsJHcyqBgpcwHwYDVR0jBBgwFoAULE93ehjgK0QgcucIrsJHcyqBgpcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMsJqdW+3F5cvq7lNo9XP2haf3JqH3wpk0VoLEd7OG6CIxkkV4AtkIP5YJBbVehlrLsBkeV8IOocc7+SMoFPNKC5QjcNfAg8SYuAanu4yWEZSUT9tHWukWqPKTPkaJGlr5lf2GskOO+2bTwVInA1JRR1J936i4nb2aZFQBrZm6mXbThlhMW1vVMddaFctg1hqnc26CGIOvytjBr46aOE/Wt5VSEGuwYuGPaZ4B1nGysOGJq/wZDyRaBzefmk1Yyr+ktN8/ch5zqGRdSk8BvInT1iJXBcRgfr5gqYFq4FMV7c3rjDD/5VCtq1mT+9gFYvlDApIjSWL61PYwaNa1SvgYA==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kaguya-system-saml.work/saml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kaguya-system-saml.work/saml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>

I SimpleSAMLphp format - bruk denne dersom du benytter SimpleSAMLphp i den andre enden:

$metadata['https://kaguya-system-saml.work/saml/saml2/idp/metadata.php'] = array (
  'metadata-set' => 'saml20-idp-remote',
  'entityid' => 'https://kaguya-system-saml.work/saml/saml2/idp/metadata.php',
  'SingleSignOnService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'https://kaguya-system-saml.work/saml/saml2/idp/SSOService.php',
    ),
  ),
  'SingleLogoutService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'https://kaguya-system-saml.work/saml/saml2/idp/SingleLogoutService.php',
    ),
  ),
  'certData' => 'MIIDMzCCAhugAwIBAgIJALVOccbhOSK+MA0GCSqGSIb3DQEBCwUAMDAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTYWl0YW1hMQ8wDQYDVQQDDAZrYWd1eWEwHhcNMjAwODI4MDcwMjAwWhcNMzAwODI4MDcwMjAwWjAwMQswCQYDVQQGEwJKUDEQMA4GA1UECAwHU2FpdGFtYTEPMA0GA1UEAwwGa2FndXlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0kiALPK50saMK5wJYROa9Jo0G67Op7uKzj/IjLz/gr7d0bSl/cYA8fYAWLK1UjRyGiOp4FNZU5clR1ReG88jF934uoxwZMT/29dR3KL0Obs2bkTzPEbfBk7n8CCPlFAwpRsKqlH+FYBSyjmRuD6TENgjNHB+cGhLl/vb+iQuTtg7KRMR36+yfBlsTGgeHh6BFMaxEy84+Y1wi/UpUBUqvEu00XcfMEEilwRuxj2JDflO+54AYZ86KieDQQZSK7hmDa8MW28Cx5Jgzzmzc3qxCy2VfdfrlTL5jrp1d2nEni7DACy0AsPM8z7Buip9g1KMmmqbRoEgbYn5TfcUJiTWQIDAQABo1AwTjAdBgNVHQ4EFgQULE93ehjgK0QgcucIrsJHcyqBgpcwHwYDVR0jBBgwFoAULE93ehjgK0QgcucIrsJHcyqBgpcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMsJqdW+3F5cvq7lNo9XP2haf3JqH3wpk0VoLEd7OG6CIxkkV4AtkIP5YJBbVehlrLsBkeV8IOocc7+SMoFPNKC5QjcNfAg8SYuAanu4yWEZSUT9tHWukWqPKTPkaJGlr5lf2GskOO+2bTwVInA1JRR1J936i4nb2aZFQBrZm6mXbThlhMW1vVMddaFctg1hqnc26CGIOvytjBr46aOE/Wt5VSEGuwYuGPaZ4B1nGysOGJq/wZDyRaBzefmk1Yyr+ktN8/ch5zqGRdSk8BvInT1iJXBcRgfr5gqYFq4FMV7c3rjDD/5VCtq1mT+9gFYvlDApIjSWL61PYwaNa1SvgYA==',
  'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
);

Sertifikater

Last ned X509-sertifikatene som PEM-filer.

idp.crt