1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://am-proxy.pilots.aarc-project.eu/ssp/module.php/saml/sp/metadata.php/proxy">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true">
    <md:Extensions>
      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <mdui:DisplayName xml:lang="en">AARC Attribute Management Pilot SP Proxy</mdui:DisplayName>
        <mdui:Description xml:lang="en">This is the SP Proxy for the AARC Attribute Management Pilot</mdui:Description>
        <mdui:InformationURL xml:lang="en">https://wiki.geant.org/display/AARC/SA1.2+Attribute+Management</mdui:InformationURL>
        <mdui:PrivacyStatementURL xml:lang="en">https://am-proxy.pilots.aarc-project.eu/privacy/en</mdui:PrivacyStatementURL>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDJzCCAg+gAwIBAgIJALK4h6xaJ68EMA0GCSqGSIb3DQEBCwUAMCoxKDAmBgNVBAMMH2FtLXByb3h5LnBpbG90cy5hYXJjLXByb2plY3QuZXUwHhcNMTYwMTI0MjA1NzM4WhcNMjYwMTIzMjA1NzM4WjAqMSgwJgYDVQQDDB9hbS1wcm94eS5waWxvdHMuYWFyYy1wcm9qZWN0LmV1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkZgn30JcyHf4gTuaHcRNpBh2Isk5TIt2kUeXpZjhkB7NdandJy4jEWK/jrZa9Si7uopr7qRTMYVqDRshRsoL/RsA5pKPR+FVD3XuWEvg1141SIzk5k0+HHz1cxw+6ePjI4Mg19cR00nWqFaEi9twXJC4Ta8KzJAZz6ZSYwHn7/TFXfkcd+E/YB8GctmZTDv4sN8UEC5Sr8nhamAu5acIMtVLjw+2fHZmLb7nQ7FkLqJiPUzsaclW+Zc5cPtnx1wsE8eHRcCv+OcLmsLlyMfh5fvXPvPfIYtn9KbbCyibcbNFQWfz+izv+xEaSQOf2Wrjy2Q50OG/Ze/p96gyZu+KwIDAQABo1AwTjAdBgNVHQ4EFgQUeUM7O5B3xkt1b6RwNVBHCF+6csIwHwYDVR0jBBgwFoAUeUM7O5B3xkt1b6RwNVBHCF+6csIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAO6N2Lp00X/kBoZkj7TJ29DNVYIGA+jishWncVde8FFANSjDkOtA4ENuQHBCmf2zHjDXUT+tmOGnui0SFtGc27u1Kc54e9kEKXsqBYzX4IUhv8KuoXOsP+ajaZBKMJcIKifGqCKLNVlnp3J2pNEtgtbmGhHV6Vom8rXPgReQ6NkSkBAqo2h3/Ca4m3uRP2TmShUWTco7fFQzsTtNksTYRi9heMqOR3AI35SyvXXTfMenssA7+PT41ABBOzjMyP18vLcqgOgdXa4xOjIAoDKAW5m6YP9rpGkfQbNGPn9Iqg8hGHTTpoLMEPw9wF1mywfrC886/4U0jhJ0s0P7H4e67Ow==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDJzCCAg+gAwIBAgIJALK4h6xaJ68EMA0GCSqGSIb3DQEBCwUAMCoxKDAmBgNVBAMMH2FtLXByb3h5LnBpbG90cy5hYXJjLXByb2plY3QuZXUwHhcNMTYwMTI0MjA1NzM4WhcNMjYwMTIzMjA1NzM4WjAqMSgwJgYDVQQDDB9hbS1wcm94eS5waWxvdHMuYWFyYy1wcm9qZWN0LmV1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkZgn30JcyHf4gTuaHcRNpBh2Isk5TIt2kUeXpZjhkB7NdandJy4jEWK/jrZa9Si7uopr7qRTMYVqDRshRsoL/RsA5pKPR+FVD3XuWEvg1141SIzk5k0+HHz1cxw+6ePjI4Mg19cR00nWqFaEi9twXJC4Ta8KzJAZz6ZSYwHn7/TFXfkcd+E/YB8GctmZTDv4sN8UEC5Sr8nhamAu5acIMtVLjw+2fHZmLb7nQ7FkLqJiPUzsaclW+Zc5cPtnx1wsE8eHRcCv+OcLmsLlyMfh5fvXPvPfIYtn9KbbCyibcbNFQWfz+izv+xEaSQOf2Wrjy2Q50OG/Ze/p96gyZu+KwIDAQABo1AwTjAdBgNVHQ4EFgQUeUM7O5B3xkt1b6RwNVBHCF+6csIwHwYDVR0jBBgwFoAUeUM7O5B3xkt1b6RwNVBHCF+6csIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAO6N2Lp00X/kBoZkj7TJ29DNVYIGA+jishWncVde8FFANSjDkOtA4ENuQHBCmf2zHjDXUT+tmOGnui0SFtGc27u1Kc54e9kEKXsqBYzX4IUhv8KuoXOsP+ajaZBKMJcIKifGqCKLNVlnp3J2pNEtgtbmGhHV6Vom8rXPgReQ6NkSkBAqo2h3/Ca4m3uRP2TmShUWTco7fFQzsTtNksTYRi9heMqOR3AI35SyvXXTfMenssA7+PT41ABBOzjMyP18vLcqgOgdXa4xOjIAoDKAW5m6YP9rpGkfQbNGPn9Iqg8hGHTTpoLMEPw9wF1mywfrC886/4U0jhJ0s0P7H4e67Ow==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://am-proxy.pilots.aarc-project.eu/ssp/module.php/saml/sp/saml2-logout.php/proxy"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://am-proxy.pilots.aarc-project.eu/ssp/module.php/saml/sp/saml2-acs.php/proxy" index="0"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://am-proxy.pilots.aarc-project.eu/ssp/module.php/saml/sp/saml1-acs.php/proxy" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://am-proxy.pilots.aarc-project.eu/ssp/module.php/saml/sp/saml2-acs.php/proxy" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://am-proxy.pilots.aarc-project.eu/ssp/module.php/saml/sp/saml1-acs.php/proxy/artifact" index="3"/>
    <md:AttributeConsumingService index="0">
      <md:ServiceName xml:lang="en">AARC Attribute Management Pilot SP Proxy</md:ServiceName>
      <md:ServiceDescription xml:lang="en">This is the SP Proxy for the AARC Attribute Management Pilot</md:ServiceDescription>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonTargetedID"/>
      <md:RequestedAttribute Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="displayName"/>
      <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="uid"/>
      <md:RequestedAttribute Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="commonName"/>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonPrincipalName"/>
      <md:RequestedAttribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn"/>
      <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail"/>
      <md:RequestedAttribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Nicolas</md:GivenName>
    <md:SurName>Liampotis</md:SurName>
    <md:EmailAddress>nliam@grnet.gr</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>