1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<EntityDescriptor entityID="https://idp2.iay.org.uk/idp/shibboleth"
    xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <Extensions>
        <shibmeta:Scope regexp="false">iay.org.uk</shibmeta:Scope>
    </Extensions>
    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">SDSS (Fountainhall)</mdui:DisplayName>
                <mdui:Description xml:lang="en">This is the identity provider for the iay.org.uk domain.</mdui:Description>
                <mdui:Logo height="80" width="80">https://idp2.iay.org.uk/images/heads_80x80.jpg</mdui:Logo>
                <mdui:Logo height="43" width="100">https://idp2.iay.org.uk/images/heads_100x43.jpg</mdui:Logo>
                <mdui:Logo height="104" width="240">https://idp2.iay.org.uk/images/heads_240x104.jpg</mdui:Logo>
            </mdui:UIInfo>
            <mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:IPHint>217.155.173.104/29</mdui:IPHint>
                <mdui:DomainHint>iay.org.uk</mdui:DomainHint>
                <mdui:GeolocationHint>geo:55.9328,-3.17905</mdui:GeolocationHint>
            </mdui:DiscoHints>
        </Extensions>
        <KeyDescriptor>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
                        MIIDSTCCAjGgAwIBAgIhAMSPOSGN+3UUTXSKV+2EBOuF3x/pwPX/TD9GfyEkzLp+
                        MA0GCSqGSIb3DQEBBQUAMFgxGDAWBgNVBAMMD2lkcDIuaWF5Lm9yZy51azETMBEG
                        CgmSJomT8ixkARkWA2lheTETMBEGCgmSJomT8ixkARkWA29yZzESMBAGCgmSJomT
                        8ixkARkWAnVrMB4XDTA4MDIyNTEwMzAxNFoXDTI4MDIyNTEwMzAxNFowWDEYMBYG
                        A1UEAwwPaWRwMi5pYXkub3JnLnVrMRMwEQYKCZImiZPyLGQBGRYDaWF5MRMwEQYK
                        CZImiZPyLGQBGRYDb3JnMRIwEAYKCZImiZPyLGQBGRYCdWswggEiMA0GCSqGSIb3
                        DQEBAQUAA4IBDwAwggEKAoIBAQCb6ts48g10XHTnpy+23huzR184aahkrG0AoeUl
                        FVlomPjoFDk6czq0S3Qyd+ceF7tMRu3XzS7cMmtVH53O9d+wCs8aPQcPXxHQ5gLk
                        L7Gu6eJ+3N3jXhpt7/DDPhnzFPNW3EVMueHJ/0IzyspTvq2LPbNWXJ86NKJ+gesZ
                        QftskwXScOjpoJEIP0EA890QYd4WdYtQPqVV+LPKtnYBoGOnuRhSAM1D/EhCbeb0
                        lCmRGcdGbDFBchiPO4VLGl85sLa0EhjxMIPAOKXcj8bBlO9Ww9kkG06kQp6eLHwm
                        Jmt7VNKveCGhyF2QH/CvmdUaPv3gcp1UjrlqFN9LBVSaTIL/AgMBAAEwDQYJKoZI
                        hvcNAQEFBQADggEBAG+jDBAtlKoHaEBB+l6PpW5zuiDjyHG4zZZYqX77mZ9xP/xe
                        Kn0yJ18ZLjS3b9WztGLYyC4SJHSF2okq1K02bqsCv9YeP+UWpw2uRR8jt96lLWxZ
                        jTjoko2v8jBtzDk8LZsqw58m4vZ0AGNZjKeGIywKhxnepwREguyj3bjBpZAGgl0M
                        HQuXoO/BDC9yKyZslE5CpWp5xP4XzY2/LrorrkwOJLnFuk1sox4/gvkDQukUx/jr
                        YRbrWfOjcNBx3LE/HI6RNLINicK7yUwerDE86nix5Zc3hskVcCykW+r6HbY6bx7P
                        YmNKYMZhQAgDtXIjFHOy+WbyVTidmJvxM9UeYCY=
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>

        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
            Location="https://idp2.iay.org.uk:8443/idp/profile/SAML1/SOAP/ArtifactResolution" 
            index="1"/>
        <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="https://idp2.iay.org.uk:8443/idp/profile/SAML2/SOAP/ArtifactResolution" 
            index="2"/>

        <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>

        <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" 
            Location="https://idp2.iay.org.uk/idp/profile/Shibboleth/SSO" />
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
            Location="https://idp2.iay.org.uk/idp/profile/SAML2/POST/SSO" />
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" 
            Location="https://idp2.iay.org.uk/idp/profile/SAML2/POST-SimpleSign/SSO" />
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
            Location="https://idp2.iay.org.uk/idp/profile/SAML2/Redirect/SSO" />
    </IDPSSODescriptor>
    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
        <KeyDescriptor>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
                        MIIDSTCCAjGgAwIBAgIhAMSPOSGN+3UUTXSKV+2EBOuF3x/pwPX/TD9GfyEkzLp+
                        MA0GCSqGSIb3DQEBBQUAMFgxGDAWBgNVBAMMD2lkcDIuaWF5Lm9yZy51azETMBEG
                        CgmSJomT8ixkARkWA2lheTETMBEGCgmSJomT8ixkARkWA29yZzESMBAGCgmSJomT
                        8ixkARkWAnVrMB4XDTA4MDIyNTEwMzAxNFoXDTI4MDIyNTEwMzAxNFowWDEYMBYG
                        A1UEAwwPaWRwMi5pYXkub3JnLnVrMRMwEQYKCZImiZPyLGQBGRYDaWF5MRMwEQYK
                        CZImiZPyLGQBGRYDb3JnMRIwEAYKCZImiZPyLGQBGRYCdWswggEiMA0GCSqGSIb3
                        DQEBAQUAA4IBDwAwggEKAoIBAQCb6ts48g10XHTnpy+23huzR184aahkrG0AoeUl
                        FVlomPjoFDk6czq0S3Qyd+ceF7tMRu3XzS7cMmtVH53O9d+wCs8aPQcPXxHQ5gLk
                        L7Gu6eJ+3N3jXhpt7/DDPhnzFPNW3EVMueHJ/0IzyspTvq2LPbNWXJ86NKJ+gesZ
                        QftskwXScOjpoJEIP0EA890QYd4WdYtQPqVV+LPKtnYBoGOnuRhSAM1D/EhCbeb0
                        lCmRGcdGbDFBchiPO4VLGl85sLa0EhjxMIPAOKXcj8bBlO9Ww9kkG06kQp6eLHwm
                        Jmt7VNKveCGhyF2QH/CvmdUaPv3gcp1UjrlqFN9LBVSaTIL/AgMBAAEwDQYJKoZI
                        hvcNAQEFBQADggEBAG+jDBAtlKoHaEBB+l6PpW5zuiDjyHG4zZZYqX77mZ9xP/xe
                        Kn0yJ18ZLjS3b9WztGLYyC4SJHSF2okq1K02bqsCv9YeP+UWpw2uRR8jt96lLWxZ
                        jTjoko2v8jBtzDk8LZsqw58m4vZ0AGNZjKeGIywKhxnepwREguyj3bjBpZAGgl0M
                        HQuXoO/BDC9yKyZslE5CpWp5xP4XzY2/LrorrkwOJLnFuk1sox4/gvkDQukUx/jr
                        YRbrWfOjcNBx3LE/HI6RNLINicK7yUwerDE86nix5Zc3hskVcCykW+r6HbY6bx7P
                        YmNKYMZhQAgDtXIjFHOy+WbyVTidmJvxM9UeYCY=
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>

        <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" 
            Location="https://idp2.iay.org.uk:8443/idp/profile/SAML1/SOAP/AttributeQuery" />
        <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="https://idp2.iay.org.uk:8443/idp/profile/SAML2/SOAP/AttributeQuery" />

        <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>    
    </AttributeAuthorityDescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Ian A. Young</OrganizationName>
        <OrganizationDisplayName xml:lang="en">SDSS (Fountainhall)</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">http://iay.org.uk/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <GivenName>Ian</GivenName>
        <SurName>Young</SurName>
        <EmailAddress>mailto:ukfed@iay.org.uk</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <GivenName>Ian</GivenName>
        <SurName>Young</SurName>
        <EmailAddress>mailto:ukfed@iay.org.uk</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="administrative">
        <GivenName>Ian</GivenName>
        <SurName>Young</SurName>
        <EmailAddress>mailto:ian@iay.org.uk</EmailAddress>
    </ContactPerson>
</EntityDescriptor>