
titleSP-metadata-example.xml
<?xml version="1.0" encoding="UTF-8"?>

<md:EntityDescriptor 
  xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
  xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
  entityID="https://sp01service.devtestexample.eduteams.org/saml/default-sp"
>

  <md:Extensions>
    <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
      <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <!-- Required for R&S SPs -->
        <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
        
        <!-- Required for Production SPs -->
        <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
      </saml:Attribute>

      <!-- Required for SPs supporting Sirtfi -->
      <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <saml:AttributeValue xsi:type="xs:string">https://refeds.org/sirtfi</saml:AttributeValue>
      </saml:Attribute>

      <!-- Required to signal the requirement for the release of subject-id -->
      <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:subject-id:req" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <saml:AttributeValue>any</saml:AttributeValue>
      </saml:Attribute>
    </mdattr:EntityAttributes>
  </md:Extensions>

  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="false">
    <md:Extensions>
      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <!-- Required: Change it for your SP -->
        <mdui:DisplayName xml:lang="en">eduTEAMS Test Service Provider (SP01)<>Example service</mdui:DisplayName>

        <!-- Required: Change it for your SP -->
        <mdui:Description xml:lang="en">eduTEAMS>Example Service Providerservice used in development and test environments (SP01)<environments</mdui:Description>

        <!-- Required for Production: ChangeUse itthe forGeant yourprivacy SPnotice -->
        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.geant.org/display/eduTEAMS/Privacy+Policy<privacy-notice/</mdui:PrivacyStatementURL>

        <!-- Required: Change it for your SP -->
        <mdui:Logo width="200" height="200">https://wwwservice.eduteamsexample.org/imgsp/logo.png</mdui:Logo>
        <mdui:Logo width="16" height="16">https://wwwservice.eduteamsexample.org/imgsp/logo_small.png</mdui:Logo>

        <!-- Optional: Change it for your SP -->
        <mdui:InformationURL xml:lang="en">https://wwwservice.eduteamsexample.org</mdui:InformationURL>
      </mdui:UIInfo>
    </md:Extensions>

    <!-- Required: Change it for your SP -->
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>....</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>

    <!-- Required: Change it for your SP -->
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>....</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>

    <!-- Optional: Change it for your SP -->
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp01service.devtestexample.eduteams.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp"/>
   
    <!-- Required -->
    <<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://service.example.org/sp/acs" index="0"/>

    <!-- 
    In the list below all the attributes are requested. If your SP 
    needs less attributes, the list has to be modified accordingly.
    Check the attributes supported by the AAI service you are using. 
    -->
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp01.devtest.eduteams.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/>
    <md:AttributeConsumingService index="0">
      <md:ServiceName xml:lang="en">eduTEAMS Test Service Provider</md:ServiceName>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.592325178.14.1.1.136" FriendlyName="eduPersonUniqueIdvoPersonID" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:10.39.62342.119200300.4100.1.25178.4.1.6" FriendlyName="voPersonIDuid" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:2.5.4.42" FriendlyName="givenName" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:2.5.4.4" FriendlyName="sn" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:2.16.840.1.113730.3.1.241" FriendlyName="displayName" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" FriendlyName="mail" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.25178.4.1.11" FriendlyName="voPersonExternalAffiliation" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.97" FriendlyName="eduPersonScopedAffiliationeduPersonEntitlement" isRequired="true"/>
    </md:AttributeConsumingService>
  <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" FriendlyName="eduPersonEntitlement" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" FriendlyName="eduPersonAssurance" isRequired="true"/>
  </md:SPSSODescriptor>

  <!-- Required: Keep as is for the Geant Services --> 
  <md:Organization>
    <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" FriendlyName="eduPersonOrcid" isRequired="true"/>
  OrganizationName xml:lang="en">GEANT</md:OrganizationName>
    <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" FriendlyName="eduPersonPrincipalName" isRequired="true"/>OrganizationDisplayName xml:lang="en">GEANT</md:OrganizationDisplayName>
      <md:RequestedAttributeOrganizationURL Namexml:lang="urn:oid:1.3.6.1.4.1.24552.500.1.1.1.13" FriendlyName="sshPublicKey" isRequired="true"/>
    en">https://www.geant.org</md:OrganizationURL>
  </md:AttributeConsumingService>
Organization>  </md:SPSSODescriptor>

  <!-- Required: Change it for your SP -->
  <md:Organization>
    <md:OrganizationName xml:langContactPerson contactType="en">GEANT</md:OrganizationName>administrative">
    <md:OrganizationDisplayName xml:lang="en">GEANT<GivenName>John Doe</md:OrganizationDisplayName>GivenName>
    <md:OrganizationURL xml:lang="en">https://www.geantEmailAddress>mailto:admin@service.example.org</md:OrganizationURL>EmailAddress>
  </md:Organization>ContactPerson>

  <!-- Required: Change it for your SP -->
  <md:ContactPerson contactType="administrativetechnical">
    <md:GivenName>Smith Brown</md:GivenName>
    <md:EmailAddress>mailto:admin@eduteamstech@service.example.org</md:EmailAddress>
  </md:ContactPerson>

  <!-- Required: Keep Changeas itis for yourthe Geant SPServices --> 
  <md <md:ContactPerson contactType="technicalsupport">
    <md:GivenName>Geant Helpdesk</md:GivenName>
    <md:EmailAddress>mailto:support@eduteamshelp@geant.org</md:EmailAddress>
  </md:ContactPerson>

  <!-- Required for SPs supporting Sirtfi: Change it for your SP -->
  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName>eduTEAMSGivenName>Klara Service<Novak</md:GivenName>
    <md:EmailAddress>mailto:security@eduteamssecurity@service.example.org</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>
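Review bot: `<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="false">` declares that AuthnRequests are unsigned but says nothing about assertion signing, so nothing in this template tells an IdP that the SP requires signed assertions; add `WantAssertionsSigned="true"` to that start tag, and switch `AuthnRequestsSigned` to `true` only if the SP really signs its requests with the `use="signing"` key published below it. Separately, every `md:RequestedAttribute` in the `AttributeConsumingService` is `isRequired="true"` — mail, givenName, sn, entitlement and assurance included — while the entity attributes above assert the GÉANT Data Protection Code of Conduct; CoCo presumes the SP requests only what it needs, so the comment on that list should become an explicit instruction to delete unneeded attributes and set `isRequired="false"` on the ones that are merely useful. Note also that this comparison view has merged old and new text on several lines (the `mdui:DisplayName`, the `SingleLogoutService` location, and the `Organization`/`ContactPerson` region), so the XML as rendered here is not well-formed and the current page version should be checked before anyone copies it into an SP.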
