This guide describes how to configure SimpleSAMLphp as an identity provider (IdP).
Change to the SimpleSAMLphp home directory
cd /var/simplesamlphp
Edit config/config.php and change enable.saml20-idp to
'enable.saml20-idp' => true,
Change metadata/saml20-idp-hosted.php to the following.
$metadata['__DYNAMIC:1__'] = array(
    'host' => '__DEFAULT__',
    // Authentication source defined in config/authsources.php
    'auth' => 'example-userpass',
    // Private key and certificate of the IdP
    'privatekey' => 'server.key',
    'certificate' => 'server.crt',
    'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
    'authproc' => array(
        97 => array(
            'class' => 'saml:AuthnContextClassRef',
            'AuthnContextClassRef' => 'skolfederation.se-bas',
        ),
        100 => array(
            'class' => 'core:AttributeMap',
            'name2oid'
        ),
    ),
);
To be able to test the installation, some users must exist. Enable the SimpleSAMLphp module exampleauth by creating the file
sudo touch modules/exampleauth/enable
Edit the file config/authsources.php and change example-userpass to the following.
'example-userpass' => array(
    'exampleauth:UserPass',
    // Test accounts; each key is 'username:password'
    'student:studentpass' => array(
        'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' => array('student@example.com'),
        'urn:oid:0.9.2342.19200300.100.1.3' => array('student@mymail.loc'),
    ),
    'teacher:teacherpass' => array(
        'urn:oid:1.2.752.194.10.2.4' => array('2699'),
        'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' => array('teacher@example.com'),
        'urn:oid:0.9.2342.19200300.100.1.3' => array('teacher@mymail.com'),
        'urn:oid:2.5.4.42' => array('Teacher'),
        'urn:oid:2.5.4.4' => array('Tester'),
    ),
),
Get the metadata describing the IdP. Change the hostname. --no-check-certificate is only needed if the HTTPS certificate is self-signed.
wget --no-check-certificate -O metadata-idp.xml 'https://myhost.example.com/simplesaml/saml2/idp/metadata.php'
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="http://myhost.example.com/simplesaml/saml2/idp/metadata.php" ID="pfx8ccd623c-59aa-b036-13a7-ad92c55c0a1b"><ds:Signature>
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx8ccd623c-59aa-b036-13a7-ad92c55c0a1b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ntATud6YtsyMStC8cNKhcVFue3w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>...</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>...</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>...</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>...</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
In the following metadata, persistent NameID (row 24), organisation and ContactPerson (row 27-58) have been added. NOTE: This is an example and can't be uploaded to the federation. Read more about how to publish metadata on the federation website.
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="http://myhost.example.com/simplesaml/saml2/idp/metadata.php" ID="pfx797787f7-e5bd-acc6-89ef-4d120e679a48"><ds:Signature>
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx797787f7-e5bd-acc6-89ef-4d120e679a48"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>AzMFoTwyoKc0YHcPAaYl5jPIclE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>...</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>...</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>...</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>...</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">Example organization</md:OrganizationName>
    <md:OrganizationName xml:lang="sv">Exempel organisation</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">Example organization</md:OrganizationDisplayName>
    <md:OrganizationDisplayName xml:lang="sv">Exempel organisation</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">www.example.com</md:OrganizationURL>
    <md:OrganizationURL xml:lang="sv">www.example.com</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical" xml:lang="sv">
    <md:GivenName>Kalle</md:GivenName>
    <md:SurName>Andersson</md:SurName>
    <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress>
    <md:TelephoneNumber>+468123456</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="technical" xml:lang="en">
    <md:GivenName>Kalle</md:GivenName>
    <md:SurName>Andersson</md:SurName>
    <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress>
    <md:TelephoneNumber>+468123456</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="support" xml:lang="sv">
    <md:GivenName>Kalle</md:GivenName>
    <md:SurName>Andersson</md:SurName>
    <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress>
    <md:TelephoneNumber>+468123456</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="support" xml:lang="en">
    <md:GivenName>Kalle</md:GivenName>
    <md:SurName>Andersson</md:SurName>
    <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress>
    <md:TelephoneNumber>+468123456</md:TelephoneNumber>
  </md:ContactPerson>
</md:EntityDescriptor>
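A pre-publication check of the fetched IdP metadata, as an added example that is not part of the original guide or of SimpleSAMLphp: it flags SHA-1 signature and digest algorithms like those in the metadata shown here, endpoints not served over HTTPS, and a missing persistent NameIDFormat, Organization or ContactPerson, and it returns the SHA-256 fingerprint of each signing certificate for comparison with server.crt when the file was fetched with --no-check-certificate. The function name audit_idp_metadata, the finding labels and the sample document are assumptions made for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"

def audit_idp_metadata(xml_text):
    """Return (findings, SHA-256 fingerprints of the signing certificates)."""
    if "<!DOCTYPE" in xml_text:  # metadata never needs a DTD or entities
        raise ValueError("DOCTYPE is not allowed in SAML metadata")
    root, findings = ET.fromstring(xml_text), []
    for tag in ("ds:SignatureMethod", "ds:DigestMethod"):  # SHA-1 algorithms
        for el in root.iterfind(f".//{tag}", NS):
            if el.get("Algorithm", "").endswith("sha1"):
                findings.append("weak-algorithm:" + el.get("Algorithm"))
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        return findings + ["missing:md:IDPSSODescriptor"], []
    for el in idp.iterfind("*[@Location]"):  # SSO/SLO endpoints must use HTTPS
        if not el.get("Location").startswith("https://"):
            findings.append("non-https-endpoint:" + el.get("Location"))
    # Additions the page makes before the metadata goes to the federation
    formats = {(el.text or "").strip() for el in idp.iterfind("md:NameIDFormat", NS)}
    if PERSISTENT not in formats:
        findings.append("missing:persistent-NameIDFormat")
    for tag in ("md:Organization", "md:ContactPerson"):
        if root.find(tag, NS) is None:
            findings.append("missing:" + tag)
    # Fingerprints to compare with server.crt when wget skipped TLS verification
    certs = idp.iterfind("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    prints = [hashlib.sha256(base64.b64decode("".join((c.text or "").split())))
              .hexdigest() for c in certs]
    return findings, prints

# Constructed sample modelled on the page's first metadata file.
FAKE_DER = b"constructed placeholder bytes, not a real certificate"
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}">
<ds:Signature><ds:SignedInfo><ds:SignatureMethod
  Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/></ds:SignedInfo></ds:Signature>
<md:IDPSSODescriptor><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
<ds:X509Certificate>{base64.b64encode(FAKE_DER).decode()}</ds:X509Certificate>
</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService
  Location="https://myhost.example.com/simplesaml/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor></md:EntityDescriptor>"""
```

Run it on metadata-idp.xml with `audit_idp_metadata(open("metadata-idp.xml").read())` and compare the returned fingerprint with the SHA-256 fingerprint of server.crt on the IdP host.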