SAML 2.0 IdP metadata
Here is the metadata that SimpleSAMLphp has generated for you. You must exchange metadata with the parties you trust in order to set up a federation.
You can reach the metadata in XML format at a dedicated URL:
http://35.72.173.230/simplesaml/saml2/idp/metadata.php
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="http://35.72.173.230/simplesaml/saml2/idp/metadata.php">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>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</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>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</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://35.72.173.230/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://35.72.173.230/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Administrator</md:GivenName>
    <md:EmailAddress>mailto:na@example.com</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>
In SimpleSAMLphp format - use this if you are using SimpleSAMLphp at the other end:
$metadata['http://35.72.173.230/simplesaml/saml2/idp/metadata.php'] = [
    'metadata-set' => 'saml20-idp-remote',
    'entityid' => 'http://35.72.173.230/simplesaml/saml2/idp/metadata.php',
    'SingleSignOnService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'http://35.72.173.230/simplesaml/saml2/idp/SSOService.php',
        ],
    ],
    'SingleLogoutService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'http://35.72.173.230/simplesaml/saml2/idp/SingleLogoutService.php',
        ],
    ],
    'certData' => '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',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
    'contacts' => [
        [
            'emailAddress' => 'na@example.com',
            'contactType' => 'technical',
            'givenName' => 'Administrator',
        ],
    ],
];
Certificates
Download the X509 certificates as PEM files.