ADFS identitetsudbyder metadata
Her er det metadata, som SimpleSAMLphp har genereret. Du kan sende det til dem du stoler i forbindelse med oprettelsen af en føderation.
Du kan få metadata-xml her:
https://saml.hivos.org/simplesaml/module.php/adfs/idp/metadata.php
Metadata
I SAML 2.0 metadata xml-format:
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" entityID="urn:federation:saml.hivos.org:idp"> <md:RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIF9zCCA9+gAwIBAgIJAJUBLHaUBJ/8MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzAeFw0xNzAzMDMwOTQ1MDRaFw0yNzAzMDMwOTQ1MDRaMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMl2IH41Eximbopm+JdeePuCd6jByUMjQsDB5Rv+XbjTEHEDbBSZSE+Hhc33dp2n+GudiNxab2NbKsosNGx4F4c2j5S3pU7gqCl/Gp3MXxpbC4XdY30/MuxIu1J1sHITzlEmLZ4CHR7KfpRNLYo3i0DnHVhDjgrvGBH4aGDbo2w22wg/uTrEp6dVtnqschcBwtJGl2B+r1FYFVmA5YB55rvwTZ7Dw9eVayMOJsWwFETH9C+BwY3lAMII5e/5hnT5EpxC9U8KIX2ZBm6vcllPKTUcH1h/2IzgD/0+aKK34bqtmuR1qlcYHqOMspysGLKzcwmXIWeF53Jb4YaeNe/HGvMVFLO42ja0R2mMDM5uo3frg4WckcHqUapN3r3PC6qmY3Ki6xxlsI4W/zEgNuLMLZksWJOs2/uik+JppwFWJwomqg3dKeZoJi0CJJhPRVBalu+oMNJTCSBQx3Vi6YMuVnYkuZ5e4XFa9z1LDZQtFo0f1GVfSoEUPdp1vYO7oeLQPl9n1kh4O6G4/ZnZswykpKeE43uDRIUKNXzmLET8DG8OWTxxNGDNOExczDURO3XR1yDHXkgHSSvQN2kVWr/OSqUqLsIRbRJ6WlSeb0klhrc3iAakN4lGgVR8E+BRu4hPxSuh4LmAavI+rP5W4DtgHmDph5jxySedwfZfSNDb7yNxAgMBAAGjUDBOMB0GA1UdDgQWBBTD7IDpPIq8HDNfcc90GX5XlJCAVjAfBgNVHSMEGDAWgBTD7IDpPIq8HDNfcc90GX5XlJCAVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC8b72JvsSW6w6FxBQ3vjyv0US31nZdBbRSnduSuU/QpEE1AjHjtcC/ItM8UjCiCm1HZlmG5RTQSCB+x+jok7WKSB9TxUQy2eMc2RonyNOhRs4rBjK1A/XGq/fQAfAO0KsWOmLnNjDCuzh2o5IxJYcEGK1LWUFrd3A1fjCzmWuQH+3uLw3HRnj0HRXXnKxknAF1acdSfR9ArlOzFndmbVIOIaLhT/LJ9jP4auhTDK+ug+jWNhpBecFFfLi223b9moEGilRInKmj2h1Qky7pNwJqDOt1LlyZ77HR8OXBF/AhXFItjOAFUHRsOv4Oo3BKCrXH4aJbSuGteawfTHDUfZFs6fhxsvIi+JkRti063i4l2Q8Upc0uQIDbhz8syqkTMvRUh06QBeOuNw+GbDVv8C/eDENH7a4FaWDQuKW0yr0/n3Bh0o+PoqCyCeBPD/naLmEP1ZLdjb4LAu5+GlWpWHvzGdLOxkIa+Mx1TWVhv+PqF+k1Kam823iWvpyKPc09tRrz/zqul30RAFO+m5NeKZh3s1Sn0+PAxSXrNvj6Jl07UGdwxUwZX7VLlhpRKm3Weah7weM32ageXFqzRqF/sVuWiewWP/xP4fQfYnqjUT0FGHDUpsreDPyAH77w8G2A1+yf+DtDoakxNo+IruPkcW7zrAkeyRPrGujgjzGVgfBdXA==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIF9zCCA9+gAwIBAgIJAJUBLHaUBJ/8MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzAeFw0xNzAzMDMwOTQ1MDRaFw0yNzAzMDMwOTQ1MDRaMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMl2IH41Eximbopm+JdeePuCd6jByUMjQsDB5Rv+XbjTEHEDbBSZSE+Hhc33dp2n+GudiNxab2NbKsosNGx4F4c2j5S3pU7gqCl/Gp3MXxpbC4XdY30/MuxIu1J1sHITzlEmLZ4CHR7KfpRNLYo3i0DnHVhDjgrvGBH4aGDbo2w22wg/uTrEp6dVtnqschcBwtJGl2B+r1FYFVmA5YB55rvwTZ7Dw9eVayMOJsWwFETH9C+BwY3lAMII5e/5hnT5EpxC9U8KIX2ZBm6vcllPKTUcH1h/2IzgD/0+aKK34bqtmuR1qlcYHqOMspysGLKzcwmXIWeF53Jb4YaeNe/HGvMVFLO42ja0R2mMDM5uo3frg4WckcHqUapN3r3PC6qmY3Ki6xxlsI4W/zEgNuLMLZksWJOs2/uik+JppwFWJwomqg3dKeZoJi0CJJhPRVBalu+oMNJTCSBQx3Vi6YMuVnYkuZ5e4XFa9z1LDZQtFo0f1GVfSoEUPdp1vYO7oeLQPl9n1kh4O6G4/ZnZswykpKeE43uDRIUKNXzmLET8DG8OWTxxNGDNOExczDURO3XR1yDHXkgHSSvQN2kVWr/OSqUqLsIRbRJ6WlSeb0klhrc3iAakN4lGgVR8E+BRu4hPxSuh4LmAavI+rP5W4DtgHmDph5jxySedwfZfSNDb7yNxAgMBAAGjUDBOMB0GA1UdDgQWBBTD7IDpPIq8HDNfcc90GX5XlJCAVjAfBgNVHSMEGDAWgBTD7IDpPIq8HDNfcc90GX5XlJCAVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC8b72JvsSW6w6FxBQ3vjyv0US31nZdBbRSnduSuU/QpEE1AjHjtcC/ItM8UjCiCm1HZlmG5RTQSCB+x+jok7WKSB9TxUQy2eMc2RonyNOhRs4rBjK1A/XGq/fQAfAO0KsWOmLnNjDCuzh2o5IxJYcEGK1LWUFrd3A1fjCzmWuQH+3uLw3HRnj0HRXXnKxknAF1acdSfR9ArlOzFndmbVIOIaLhT/LJ9jP4auhTDK+ug+jWNhpBecFFfLi223b9moEGilRInKmj2h1Qky7pNwJqDOt1LlyZ77HR8OXBF/AhXFItjOAFUHRsOv4Oo3BKCrXH4aJbSuGteawfTHDUfZFs6fhxsvIi+JkRti063i4l2Q8Upc0uQIDbhz8syqkTMvRUh06QBeOuNw+GbDVv8C/eDENH7a4FaWDQuKW0yr0/n3Bh0o+PoqCyCeBPD/naLmEP1ZLdjb4LAu5+GlWpWHvzGdLOxkIa+Mx1TWVhv+PqF+k1Kam823iWvpyKPc09tRrz/zqul30RAFO+m5NeKZh3s1Sn0+PAxSXrNvj6Jl07UGdwxUwZX7VLlhpRKm3Weah7weM32ageXFqzRqF/sVuWiewWP/xP4fQfYnqjUT0FGHDUpsreDPyAH77w8G2A1+yf+DtDoakxNo+IruPkcW7zrAkeyRPrGujgjzGVgfBdXA==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <fed:TokenTypesOffered> <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/> </fed:TokenTypesOffered> <SecurityTokenServiceEndpoint> <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> <Address>https://saml.hivos.org/simplesaml/module.php/adfs/idp/prp.php</Address> </EndpointReference> </SecurityTokenServiceEndpoint> <fed:PassiveRequestorEndpoint> <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> <Address>https://saml.hivos.org/simplesaml/module.php/adfs/idp/prp.php</Address> </EndpointReference> </fed:PassiveRequestorEndpoint> </md:RoleDescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Hivos</md:GivenName> <md:SurName>ICT</md:SurName> <md:EmailAddress>admin@hivos.org</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
I SimpleSAMLphp flat-file format - brug dette hvis du også bruger SimpleSAMLphp i den anden ende;
$metadata['urn:federation:saml.hivos.org:idp'] = array ( 'metadata-set' => 'adfs-idp-remote', 'entityid' => 'urn:federation:saml.hivos.org:idp', 'SingleSignOnService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://saml.hivos.org/simplesaml/module.php/adfs/idp/prp.php', ), ), 'SingleLogoutService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://saml.hivos.org/simplesaml/module.php/adfs/idp/prp.php', ), ), 'certData' => 'MIIF9zCCA9+gAwIBAgIJAJUBLHaUBJ/8MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzAeFw0xNzAzMDMwOTQ1MDRaFw0yNzAzMDMwOTQ1MDRaMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMl2IH41Eximbopm+JdeePuCd6jByUMjQsDB5Rv+XbjTEHEDbBSZSE+Hhc33dp2n+GudiNxab2NbKsosNGx4F4c2j5S3pU7gqCl/Gp3MXxpbC4XdY30/MuxIu1J1sHITzlEmLZ4CHR7KfpRNLYo3i0DnHVhDjgrvGBH4aGDbo2w22wg/uTrEp6dVtnqschcBwtJGl2B+r1FYFVmA5YB55rvwTZ7Dw9eVayMOJsWwFETH9C+BwY3lAMII5e/5hnT5EpxC9U8KIX2ZBm6vcllPKTUcH1h/2IzgD/0+aKK34bqtmuR1qlcYHqOMspysGLKzcwmXIWeF53Jb4YaeNe/HGvMVFLO42ja0R2mMDM5uo3frg4WckcHqUapN3r3PC6qmY3Ki6xxlsI4W/zEgNuLMLZksWJOs2/uik+JppwFWJwomqg3dKeZoJi0CJJhPRVBalu+oMNJTCSBQx3Vi6YMuVnYkuZ5e4XFa9z1LDZQtFo0f1GVfSoEUPdp1vYO7oeLQPl9n1kh4O6G4/ZnZswykpKeE43uDRIUKNXzmLET8DG8OWTxxNGDNOExczDURO3XR1yDHXkgHSSvQN2kVWr/OSqUqLsIRbRJ6WlSeb0klhrc3iAakN4lGgVR8E+BRu4hPxSuh4LmAavI+rP5W4DtgHmDph5jxySedwfZfSNDb7yNxAgMBAAGjUDBOMB0GA1UdDgQWBBTD7IDpPIq8HDNfcc90GX5XlJCAVjAfBgNVHSMEGDAWgBTD7IDpPIq8HDNfcc90GX5XlJCAVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC8b72JvsSW6w6FxBQ3vjyv0US31nZdBbRSnduSuU/QpEE1AjHjtcC/ItM8UjCiCm1HZlmG5RTQSCB+x+jok7WKSB9TxUQy2eMc2RonyNOhRs4rBjK1A/XGq/fQAfAO0KsWOmLnNjDCuzh2o5IxJYcEGK1LWUFrd3A1fjCzmWuQH+3uLw3HRnj0HRXXnKxknAF1acdSfR9ArlOzFndmbVIOIaLhT/LJ9jP4auhTDK+ug+jWNhpBecFFfLi223b9moEGilRInKmj2h1Qky7pNwJqDOt1LlyZ77HR8OXBF/AhXFItjOAFUHRsOv4Oo3BKCrXH4aJbSuGteawfTHDUfZFs6fhxsvIi+JkRti063i4l2Q8Upc0uQIDbhz8syqkTMvRUh06QBeOuNw+GbDVv8C/eDENH7a4FaWDQuKW0yr0/n3Bh0o+PoqCyCeBPD/naLmEP1ZLdjb4LAu5+GlWpWHvzGdLOxkIa+Mx1TWVhv+PqF+k1Kam823iWvpyKPc09tRrz/zqul30RAFO+m5NeKZh3s1Sn0+PAxSXrNvj6Jl07UGdwxUwZX7VLlhpRKm3Weah7weM32ageXFqzRqF/sVuWiewWP/xP4fQfYnqjUT0FGHDUpsreDPyAH77w8G2A1+yf+DtDoakxNo+IruPkcW7zrAkeyRPrGujgjzGVgfBdXA==', 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', );
Certifikater
Download X509 certifikaterne som PEM-indkodet filer.