This guide describes how to configure SimpleSAMLphp as an identity provider (IdP).
Change to the SimpleSAMLphp home directory
cd /var/simplesamlphp |
Edit config/config.php change enable.saml20-idp to true.
'enable.saml20-idp' => true, |
Change metadata/saml20-idp-hosted.php to the following.
$metadata['__DYNAMIC:1__'] = array( 'host' => '__DEFAULT__', 'auth' => 'example-userpass', 'privatekey' => 'server.key', 'certificate' => 'server.crt', 'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', 'authproc' => array( 97 => array( 'class' => 'saml:AuthnContextClassRef', 'AuthnContextClassRef' => 'skolfederation.se-bas', ), 100 => array( 'class' => 'core:AttributeMap', 'name2oid' ), ), ); |
To be able to test the installation there must exist some users. Enable the SimpleSAMLphp module exampleauth
by creating the file enable in the exampleauth module directory.
sudo touch modules/exampleauth/enable |
Edit the filen config/authsources.php change example-userpass to the following.
'example-userpass' => array( 'exampleauth:UserPass', 'student:studentpass' => array( 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' => array('student@example.com'), 'urn:oid:0.9.2342.19200300.100.1.3' => array('student@mymail.loc'), ), 'teacher:teacherpass' => array( 'urn:oid:1.2.752.194.10.2.4' => array('2699'), 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' => array('teacher@example.com'), 'urn:oid:0.9.2342.19200300.100.1.3' => array('teacher@mymail.com'), 'urn:oid:2.5.4.42' => array('Teacher'), 'urn:oid:2.5.4.4' => array('Tester'), ), ), |
Get the metadata describing the IdP. Change the hostnamn. --no-check-certificate is only needed if the HTTPS certificate is self-signed.
wget --no-check-certificate -O metadata-idp.xml 'https://myhost.example.com/simplesaml/saml2/idp/metadata.php' |
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="http://myhost.example.com/simplesaml/saml2/idp/metadata.php" ID="pfx8ccd623c-59aa-b036-13a7-ad92c55c0a1b"><ds:Signature> <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#pfx8ccd623c-59aa-b036-13a7-ad92c55c0a1b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ntATud6YtsyMStC8cNKhcVFue3w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>u12WXysmt/AAQ86wX7+NVWMv+DbRr1pKJrk0rp1WPuNkk3P+KYdcte0pboBLU3v7MKTWtRyZOA26tJ34WTa1LBzzm302qQLIkjYP2wCKWInQM9uqDzPkdI5lX2Ry+nSwfqAsHlAiM2FChTcbTAJIn76UJhHMPY4jNle7rNqmfR1oc4jIr9Whaketn1XKWIX5jl/kRN8PHQ0vDOdeWQl1sHRtWvec+lI8vtKMm6ZMwXlnQabp0GqdgbyJnFmWV0lEWhUgumnfqf2aQaKId20ANZtUgr7INdHKPGB/hO1rRdEBwGQ+S6tnB8CqAC7xn8s574hw+t4hhLoqJAzT2wqL8g==</ds:SignatureValue> <ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDszCCApugAwIBAgIJAP7RfQ50pS1JMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEMMAoGA1UECgwDSUlTMQwwCgYDVQQLDANGZWQxHTAbBgNVBAMMFHNhbWxpZHAubXlkb21haW4ubG9jMB4XDTE1MDgwNDExNDMzNloXDTIwMDgwMzExNDMzNlowcDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQwwCgYDVQQKDANJSVMxDDAKBgNVBAsMA0ZlZDEdMBsGA1UEAwwUc2FtbGlkcC5teWRvbWFpbi5sb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1HIQFaO7i5Zxt/Nf6kyHzy7gDXXaxLO++E7cjbMnaWUg/5dsWU0oBLpme+1m+7DybQQsIg9+yjqkJkS22z/2go3MB9PBnxmiaplhAYjWN7oBGpo1R1dwofYQZnLo/iBH0rT+odzv8RvxkhLtGASpNR/b5MIwrnIpWLXgcSybAHNQPi/9peW5eNIq26AHF7QwxgUOHnSazNPCWkSjTye00uFHx8xHYQ7Fjq2pifzhTrDABZgtc3ws/bxOwxz2XnbLWAYhivUCSXCtNErLO68yO0X2NILtUJpJJ6JD+yRFjjBp6KFFwcsEIOHnJ7TW+jk+gAYFrRLRZb9Xp/yjO+JFAgMBAAGjUDBOMB0GA1UdDgQWBBTDeQkkzM7pXo6WQmW74xYTvPf5GDAfBgNVHSMEGDAWgBTDeQkkzM7pXo6WQmW74xYTvPf5GDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBawGnUJabQ/V9UG6/+tCZwKCge4qZKVQ67feu4NAIiQKrcnuuQb0U0g/CrwrJ2TTwHzRVJscf5KW9bWhK4Xuwm2Pq+ySTExHputJW8VaAYZ5J5G7K4M7H4zjCRJwdDSSNI3Jv4+Bs/sOi5jcLQ7wk0oCjQkiARFbB6On22WeAun618AHBTVgn0TsP2JasJyJJomrP6IqVF2Ox6/NB0GEr1gRAv5Apzvxvgra72JN9DcPjgsceJrRpTa8BBAglj87SFPq9khCrv1mnu2PQU0KM7aw35IjvgOdAXnBVmMX+S1UvB6UkT6L2T8PbjAR4Y3k8B4lbJxPVfk807TmA07bYF</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature> <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIDszCCApugAwIBAgIJAP7RfQ50pS1JMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEMMAoGA1UECgwDSUlTMQwwCgYDVQQLDANGZWQxHTAbBgNVBAMMFHNhbWxpZHAubXlkb21haW4ubG9jMB4XDTE1MDgwNDExNDMzNloXDTIwMDgwMzExNDMzNlowcDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQwwCgYDVQQKDANJSVMxDDAKBgNVBAsMA0ZlZDEdMBsGA1UEAwwUc2FtbGlkcC5teWRvbWFpbi5sb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1HIQFaO7i5Zxt/Nf6kyHzy7gDXXaxLO++E7cjbMnaWUg/5dsWU0oBLpme+1m+7DybQQsIg9+yjqkJkS22z/2go3MB9PBnxmiaplhAYjWN7oBGpo1R1dwofYQZnLo/iBH0rT+odzv8RvxkhLtGASpNR/b5MIwrnIpWLXgcSybAHNQPi/9peW5eNIq26AHF7QwxgUOHnSazNPCWkSjTye00uFHx8xHYQ7Fjq2pifzhTrDABZgtc3ws/bxOwxz2XnbLWAYhivUCSXCtNErLO68yO0X2NILtUJpJJ6JD+yRFjjBp6KFFwcsEIOHnJ7TW+jk+gAYFrRLRZb9Xp/yjO+JFAgMBAAGjUDBOMB0GA1UdDgQWBBTDeQkkzM7pXo6WQmW74xYTvPf5GDAfBgNVHSMEGDAWgBTDeQkkzM7pXo6WQmW74xYTvPf5GDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBawGnUJabQ/V9UG6/+tCZwKCge4qZKVQ67feu4NAIiQKrcnuuQb0U0g/CrwrJ2TTwHzRVJscf5KW9bWhK4Xuwm2Pq+ySTExHputJW8VaAYZ5J5G7K4M7H4zjCRJwdDSSNI3Jv4+Bs/sOi5jcLQ7wk0oCjQkiARFbB6On22WeAun618AHBTVgn0TsP2JasJyJJomrP6IqVF2Ox6/NB0GEr1gRAv5Apzvxvgra72JN9DcPjgsceJrRpTa8BBAglj87SFPq9khCrv1mnu2PQU0KM7aw35IjvgOdAXnBVmMX+S1UvB6UkT6L2T8PbjAR4Y3k8B4lbJxPVfk807TmA07bYF</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIDszCCApugAwIBAgIJAP7RfQ50pS1JMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEMMAoGA1UECgwDSUlTMQwwCgYDVQQLDANGZWQxHTAbBgNVBAMMFHNhbWxpZHAubXlkb21haW4ubG9jMB4XDTE1MDgwNDExNDMzNloXDTIwMDgwMzExNDMzNlowcDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQwwCgYDVQQKDANJSVMxDDAKBgNVBAsMA0ZlZDEdMBsGA1UEAwwUc2FtbGlkcC5teWRvbWFpbi5sb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1HIQFaO7i5Zxt/Nf6kyHzy7gDXXaxLO++E7cjbMnaWUg/5dsWU0oBLpme+1m+7DybQQsIg9+yjqkJkS22z/2go3MB9PBnxmiaplhAYjWN7oBGpo1R1dwofYQZnLo/iBH0rT+odzv8RvxkhLtGASpNR/b5MIwrnIpWLXgcSybAHNQPi/9peW5eNIq26AHF7QwxgUOHnSazNPCWkSjTye00uFHx8xHYQ7Fjq2pifzhTrDABZgtc3ws/bxOwxz2XnbLWAYhivUCSXCtNErLO68yO0X2NILtUJpJJ6JD+yRFjjBp6KFFwcsEIOHnJ7TW+jk+gAYFrRLRZb9Xp/yjO+JFAgMBAAGjUDBOMB0GA1UdDgQWBBTDeQkkzM7pXo6WQmW74xYTvPf5GDAfBgNVHSMEGDAWgBTDeQkkzM7pXo6WQmW74xYTvPf5GDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBawGnUJabQ/V9UG6/+tCZwKCge4qZKVQ67feu4NAIiQKrcnuuQb0U0g/CrwrJ2TTwHzRVJscf5KW9bWhK4Xuwm2Pq+ySTExHputJW8VaAYZ5J5G7K4M7H4zjCRJwdDSSNI3Jv4+Bs/sOi5jcLQ7wk0oCjQkiARFbB6On22WeAun618AHBTVgn0TsP2JasJyJJomrP6IqVF2Ox6/NB0GEr1gRAv5Apzvxvgra72JN9DcPjgsceJrRpTa8BBAglj87SFPq9khCrv1mnu2PQU0KM7aw35IjvgOdAXnBVmMX+S1UvB6UkT6L2T8PbjAR4Y3k8B4lbJxPVfk807TmA07bYF</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SingleLogoutService.php"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SSOService.php"/> </md:IDPSSODescriptor> </md:EntityDescriptor> |
In the following metadata persistent NameID (row 24), organisation and ContacPerson (row 27-58) have been added. NOTE: This is an example and can't be uploaded to the federation. Read more about ow to publish metadata on the federation website.
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="http://myhost.example.com/simplesaml/saml2/idp/metadata.php" ID="pfx797787f7-e5bd-acc6-89ef-4d120e679a48"><ds:Signature> <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#pfx797787f7-e5bd-acc6-89ef-4d120e679a48"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>AzMFoTwyoKc0YHcPAaYl5jPIclE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Srzu2vX2+FC6tTNH+vImIdvfo8fXuWbcF4vkL3NdiTB/ZU3HTmjKg3KkNLKxw/DbGznNdnmi16ImWOqtETSbYDGPUwhYM13PvQ+OIfogmurj5sNE57pa3sg/MEOJB80A7axXCUKsOV4CqLTDZNh/d7imiS2G4VB7Kmo9o0y1ZQtkV6U5LWO87Mw9rIj+D16KiB2HVIqq/cxOJBa4A7BoVuqJi3Qsc7rDjZK8b6e/EhP1QKgfAPwmTIp7K88mfUlD3/fKo9EP5haLuXxjLLKySIwgqR56sLEwHttHMZMPg83zeOLgaeT8+qVA0NeplsM+2c5y2/OMk8vM9Q6ix7eOfg==</ds:SignatureValue> <ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDszCCApugAwIBAgIJAP7RfQ50pS1JMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEMMAoGA1UECgwDSUlTMQwwCgYDVQQLDANGZWQxHTAbBgNVBAMMFHNhbWxpZHAubXlkb21haW4ubG9jMB4XDTE1MDgwNDExNDMzNloXDTIwMDgwMzExNDMzNlowcDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQwwCgYDVQQKDANJSVMxDDAKBgNVBAsMA0ZlZDEdMBsGA1UEAwwUc2FtbGlkcC5teWRvbWFpbi5sb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1HIQFaO7i5Zxt/Nf6kyHzy7gDXXaxLO++E7cjbMnaWUg/5dsWU0oBLpme+1m+7DybQQsIg9+yjqkJkS22z/2go3MB9PBnxmiaplhAYjWN7oBGpo1R1dwofYQZnLo/iBH0rT+odzv8RvxkhLtGASpNR/b5MIwrnIpWLXgcSybAHNQPi/9peW5eNIq26AHF7QwxgUOHnSazNPCWkSjTye00uFHx8xHYQ7Fjq2pifzhTrDABZgtc3ws/bxOwxz2XnbLWAYhivUCSXCtNErLO68yO0X2NILtUJpJJ6JD+yRFjjBp6KFFwcsEIOHnJ7TW+jk+gAYFrRLRZb9Xp/yjO+JFAgMBAAGjUDBOMB0GA1UdDgQWBBTDeQkkzM7pXo6WQmW74xYTvPf5GDAfBgNVHSMEGDAWgBTDeQkkzM7pXo6WQmW74xYTvPf5GDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBawGnUJabQ/V9UG6/+tCZwKCge4qZKVQ67feu4NAIiQKrcnuuQb0U0g/CrwrJ2TTwHzRVJscf5KW9bWhK4Xuwm2Pq+ySTExHputJW8VaAYZ5J5G7K4M7H4zjCRJwdDSSNI3Jv4+Bs/sOi5jcLQ7wk0oCjQkiARFbB6On22WeAun618AHBTVgn0TsP2JasJyJJomrP6IqVF2Ox6/NB0GEr1gRAv5Apzvxvgra72JN9DcPjgsceJrRpTa8BBAglj87SFPq9khCrv1mnu2PQU0KM7aw35IjvgOdAXnBVmMX+S1UvB6UkT6L2T8PbjAR4Y3k8B4lbJxPVfk807TmA07bYF</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature> <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIDszCCApugAwIBAgIJAP7RfQ50pS1JMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEMMAoGA1UECgwDSUlTMQwwCgYDVQQLDANGZWQxHTAbBgNVBAMMFHNhbWxpZHAubXlkb21haW4ubG9jMB4XDTE1MDgwNDExNDMzNloXDTIwMDgwMzExNDMzNlowcDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQwwCgYDVQQKDANJSVMxDDAKBgNVBAsMA0ZlZDEdMBsGA1UEAwwUc2FtbGlkcC5teWRvbWFpbi5sb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1HIQFaO7i5Zxt/Nf6kyHzy7gDXXaxLO++E7cjbMnaWUg/5dsWU0oBLpme+1m+7DybQQsIg9+yjqkJkS22z/2go3MB9PBnxmiaplhAYjWN7oBGpo1R1dwofYQZnLo/iBH0rT+odzv8RvxkhLtGASpNR/b5MIwrnIpWLXgcSybAHNQPi/9peW5eNIq26AHF7QwxgUOHnSazNPCWkSjTye00uFHx8xHYQ7Fjq2pifzhTrDABZgtc3ws/bxOwxz2XnbLWAYhivUCSXCtNErLO68yO0X2NILtUJpJJ6JD+yRFjjBp6KFFwcsEIOHnJ7TW+jk+gAYFrRLRZb9Xp/yjO+JFAgMBAAGjUDBOMB0GA1UdDgQWBBTDeQkkzM7pXo6WQmW74xYTvPf5GDAfBgNVHSMEGDAWgBTDeQkkzM7pXo6WQmW74xYTvPf5GDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBawGnUJabQ/V9UG6/+tCZwKCge4qZKVQ67feu4NAIiQKrcnuuQb0U0g/CrwrJ2TTwHzRVJscf5KW9bWhK4Xuwm2Pq+ySTExHputJW8VaAYZ5J5G7K4M7H4zjCRJwdDSSNI3Jv4+Bs/sOi5jcLQ7wk0oCjQkiARFbB6On22WeAun618AHBTVgn0TsP2JasJyJJomrP6IqVF2Ox6/NB0GEr1gRAv5Apzvxvgra72JN9DcPjgsceJrRpTa8BBAglj87SFPq9khCrv1mnu2PQU0KM7aw35IjvgOdAXnBVmMX+S1UvB6UkT6L2T8PbjAR4Y3k8B4lbJxPVfk807TmA07bYF</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIDszCCApugAwIBAgIJAP7RfQ50pS1JMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEMMAoGA1UECgwDSUlTMQwwCgYDVQQLDANGZWQxHTAbBgNVBAMMFHNhbWxpZHAubXlkb21haW4ubG9jMB4XDTE1MDgwNDExNDMzNloXDTIwMDgwMzExNDMzNlowcDELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQwwCgYDVQQKDANJSVMxDDAKBgNVBAsMA0ZlZDEdMBsGA1UEAwwUc2FtbGlkcC5teWRvbWFpbi5sb2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1HIQFaO7i5Zxt/Nf6kyHzy7gDXXaxLO++E7cjbMnaWUg/5dsWU0oBLpme+1m+7DybQQsIg9+yjqkJkS22z/2go3MB9PBnxmiaplhAYjWN7oBGpo1R1dwofYQZnLo/iBH0rT+odzv8RvxkhLtGASpNR/b5MIwrnIpWLXgcSybAHNQPi/9peW5eNIq26AHF7QwxgUOHnSazNPCWkSjTye00uFHx8xHYQ7Fjq2pifzhTrDABZgtc3ws/bxOwxz2XnbLWAYhivUCSXCtNErLO68yO0X2NILtUJpJJ6JD+yRFjjBp6KFFwcsEIOHnJ7TW+jk+gAYFrRLRZb9Xp/yjO+JFAgMBAAGjUDBOMB0GA1UdDgQWBBTDeQkkzM7pXo6WQmW74xYTvPf5GDAfBgNVHSMEGDAWgBTDeQkkzM7pXo6WQmW74xYTvPf5GDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBawGnUJabQ/V9UG6/+tCZwKCge4qZKVQ67feu4NAIiQKrcnuuQb0U0g/CrwrJ2TTwHzRVJscf5KW9bWhK4Xuwm2Pq+ySTExHputJW8VaAYZ5J5G7K4M7H4zjCRJwdDSSNI3Jv4+Bs/sOi5jcLQ7wk0oCjQkiARFbB6On22WeAun618AHBTVgn0TsP2JasJyJJomrP6IqVF2Ox6/NB0GEr1gRAv5Apzvxvgra72JN9DcPjgsceJrRpTa8BBAglj87SFPq9khCrv1mnu2PQU0KM7aw35IjvgOdAXnBVmMX+S1UvB6UkT6L2T8PbjAR4Y3k8B4lbJxPVfk807TmA07bYF</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SingleLogoutService.php"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://myhost.example.com/simplesaml/saml2/idp/SSOService.php"/> </md:IDPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en">Example organization</md:OrganizationName> <md:OrganizationName xml:lang="sv">Exempel organisation</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en">Example organization</md:OrganizationDisplayName> <md:OrganizationDisplayName xml:lang="sv">Exempel organisation</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en">www.example.com</md:OrganizationURL> <md:OrganizationURL xml:lang="sv">www.example.com</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="technical" xml:lang="sv"> <md:GivenName>Kalle</md:GivenName> <md:SurName>Andersson</md:SurName> <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress> <md:TelephoneNumber>+468123456</md:TelephoneNumber> </md:ContactPerson> <md:ContactPerson contactType="technical" xml:lang="en"> <md:GivenName>Kalle</md:GivenName> <md:SurName>Andersson</md:SurName> <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress> <md:TelephoneNumber>+468123456</md:TelephoneNumber> </md:ContactPerson> <md:ContactPerson contactType="support" xml:lang="sv"> <md:GivenName>Kalle</md:GivenName> <md:SurName>Andersson</md:SurName> <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress> <md:TelephoneNumber>+468123456</md:TelephoneNumber> </md:ContactPerson> <md:ContactPerson contactType="support" xml:lang="en"> <md:GivenName>Kalle</md:GivenName> <md:SurName>Andersson</md:SurName> <md:EmailAddress>kalle.andersson@example.com</md:EmailAddress> <md:TelephoneNumber>+468123456</md:TelephoneNumber> </md:ContactPerson> </md:EntityDescriptor> |