1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<!--  idp5 -->    
 <md:EntityDescriptor entityID="https://idp5.test.portalverbund.gv.at/idp.xml"
     xmlns="urn:oasis:names:tc:SAML:2.0:metadata"              
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"           
    xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"   
    xmlns:disco="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"             
    xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" 
    xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"        
    xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"          
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"        
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <alg:SigningMethod MinKeySize="256" MaxKeySize="511" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
            <alg:SigningMethod MinKeySize="2048" MaxKeySize="4096" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <!-- blacklisted: http://www.w3.org/2000/09/xmldsig#rsa-sha1 -->
            <mdui:UIInfo>
                <mdui:DisplayName xml:lang="de">idp5.test.portalverbund.gv.at</mdui:DisplayName>
                <mdui:Description xml:lang="de">
                    Simple Shibboleth testidp in der Domaene test.portalverbund.gv.at
                </mdui:Description>
                <mdui:Logo xml:lang="en" height="70" width="79">https://www.portalverbund.at/sites/www.portalverbund.at/img/logo.png</mdui:Logo>
            </mdui:UIInfo>
            <mdui:DiscoHints>
                <mdui:DomainHint>portalverbund.at</mdui:DomainHint>
                <mdui:IPHint>81.217.70.0/24</mdui:IPHint>
                <mdui:GeolocationHint>geo:48.3308/16.0516</mdui:GeolocationHint>
            </mdui:DiscoHints>
        </md:Extensions>       
        <md:KeyDescriptor>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
                        MIIDYTCCAkmgAwIBAgIVALBRJQlk5mmHINIv4nG85tvt5+zuMA0GCSqGSIb3DQEB
                        BQUAMCgxJjAkBgNVBAMTHWlkcDUudGVzdC5wb3J0YWx2ZXJidW5kLmd2LmF0MB4X
                        DTEzMTIwNjIwMjU1NloXDTMzMTIwNjIwMjU1NlowKDEmMCQGA1UEAxMdaWRwNS50
                        ZXN0LnBvcnRhbHZlcmJ1bmQuZ3YuYXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
                        ggEKAoIBAQD+NqSnrphksvBpiJY3ThjsrDCg4fz/timeTRUQ29rPe6jq99QHIuvo
                        40dGyCpC67g331abEdfw4m1zYQDNM+fG3RYcYFQynB0Y7qds4ySkACwAOhrU3sA/
                        StSxmTHdiBTb/heWNo+gklpOFHaCKxN9WqcXpEldI+n0c+vQeqQPoNUvB2sS+Mvs
                        G9Xny/xeaxTdUfCZMyg6dVDVzDESgQy1EuiAJSl3cnFO0IxJ6SxRpmc8adUO+a2C
                        ByjzxtVNAkwkdV+ZQFl/mqCIhLP7nYUP8Qd8O/8z5QavH3DfYWV/2+7p19tWQdaP
                        VvGpaBwnYscJIFzV9LeaCuYSqLAqUxtDAgMBAAGjgYEwfzBeBgNVHREEVzBVgh1p
                        ZHA1LnRlc3QucG9ydGFsdmVyYnVuZC5ndi5hdIY0aHR0cHM6Ly9pZHA1LnRlc3Qu
                        cG9ydGFsdmVyYnVuZC5ndi5hdC9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUv5/b
                        HspHaCZobo6MTBS0O2fx6uAwDQYJKoZIhvcNAQEFBQADggEBANZdzfBalA/Hkuoc
                        oOCj3zq4zRtNezoF7o75UR1KR4ajzfOpGF5IRH+yENU05VoUEv0+y0wahbKkEIsl
                        5c7nYyRCrsmpFB5aDfv9osYtuLBACoQW5Ki9BUMJnFOoZ7PicZAR2QI7VSnuM7Ny
                        C806efNcznoNIqIqxvBh0ByuKzgnlqhx2jRJLJO/iFFWLA6o9JEFCihNssPyRPs1
                        hKj9Fn8+GZwUnWjM+q/SdsjAB3cT5dHCnq8v/7/OMZfRHWphMnp+dVvw/9YaS1QE
                        K92zGXm7EFar8IgJ+EPsmyLogjgvY7bbHuFJmm3FLibLMow0lniUQcaZQBHqCOrT
                        d3bfksE=
                        <!--
                        Certificate:
                            Data:
                                Version: 3 (0x2)
                                Serial Number:
                                    b0:51:25:09:64:e6:69:87:20:d2:2f:e2:71:bc:e6:db:ed:e7:ec:ee
                            Signature Algorithm: sha1WithRSAEncryption
                                Issuer: CN=idp5.test.portalverbund.gv.at
                                Validity
                                    Not Before: Dec  6 20:25:56 2013 GMT
                                    Not After : Dec  6 20:25:56 2033 GMT
                                Subject: CN=idp5.test.portalverbund.gv.at
                        -->
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp5.test.portalverbund.gv.at:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp5.test.portalverbund.gv.at/idp/profile/SAML2/POST/SSO"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp5.test.portalverbund.gv.at/idp/profile/SAML2/Redirect/SSO"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="de">AG-IZ PVP2 SAML Testfederation</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="de">AG-IZ PVP2 SAML Test Federation</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="de">http://www.portalverbund.at</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:GivenName>Rainer</md:GivenName>
        <md:SurName>Hoerbe</md:SurName>
        <md:EmailAddress>rainer@hoerbe.at</md:EmailAddress>
        <md:TelephoneNumber>+43 000 9999 0000</md:TelephoneNumber>
    </md:ContactPerson>
 </md:EntityDescriptor>