SAML 2.0 IdP metaandmed
Need on SimpleSAMLphp poolt sulle genereeritud metaandmed. Võid saata need metaandmed usaldatavatele partneritele usaldatava föderatsiooni loomiseks.
Metaandmete XML-i on võimalik saada spetsiaalselt aadressilt:
https://saml.hivos.org/simplesaml/saml2/idp/metadata.php
Metaandmed
SAML 2.0 metaandmete XML-vormingus:
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://saml.hivos.org/simplesaml/saml2/idp/metadata.php"> <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIF9zCCA9+gAwIBAgIJAJUBLHaUBJ/8MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzAeFw0xNzAzMDMwOTQ1MDRaFw0yNzAzMDMwOTQ1MDRaMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMl2IH41Eximbopm+JdeePuCd6jByUMjQsDB5Rv+XbjTEHEDbBSZSE+Hhc33dp2n+GudiNxab2NbKsosNGx4F4c2j5S3pU7gqCl/Gp3MXxpbC4XdY30/MuxIu1J1sHITzlEmLZ4CHR7KfpRNLYo3i0DnHVhDjgrvGBH4aGDbo2w22wg/uTrEp6dVtnqschcBwtJGl2B+r1FYFVmA5YB55rvwTZ7Dw9eVayMOJsWwFETH9C+BwY3lAMII5e/5hnT5EpxC9U8KIX2ZBm6vcllPKTUcH1h/2IzgD/0+aKK34bqtmuR1qlcYHqOMspysGLKzcwmXIWeF53Jb4YaeNe/HGvMVFLO42ja0R2mMDM5uo3frg4WckcHqUapN3r3PC6qmY3Ki6xxlsI4W/zEgNuLMLZksWJOs2/uik+JppwFWJwomqg3dKeZoJi0CJJhPRVBalu+oMNJTCSBQx3Vi6YMuVnYkuZ5e4XFa9z1LDZQtFo0f1GVfSoEUPdp1vYO7oeLQPl9n1kh4O6G4/ZnZswykpKeE43uDRIUKNXzmLET8DG8OWTxxNGDNOExczDURO3XR1yDHXkgHSSvQN2kVWr/OSqUqLsIRbRJ6WlSeb0klhrc3iAakN4lGgVR8E+BRu4hPxSuh4LmAavI+rP5W4DtgHmDph5jxySedwfZfSNDb7yNxAgMBAAGjUDBOMB0GA1UdDgQWBBTD7IDpPIq8HDNfcc90GX5XlJCAVjAfBgNVHSMEGDAWgBTD7IDpPIq8HDNfcc90GX5XlJCAVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC8b72JvsSW6w6FxBQ3vjyv0US31nZdBbRSnduSuU/QpEE1AjHjtcC/ItM8UjCiCm1HZlmG5RTQSCB+x+jok7WKSB9TxUQy2eMc2RonyNOhRs4rBjK1A/XGq/fQAfAO0KsWOmLnNjDCuzh2o5IxJYcEGK1LWUFrd3A1fjCzmWuQH+3uLw3HRnj0HRXXnKxknAF1acdSfR9ArlOzFndmbVIOIaLhT/LJ9jP4auhTDK+ug+jWNhpBecFFfLi223b9moEGilRInKmj2h1Qky7pNwJqDOt1LlyZ77HR8OXBF/AhXFItjOAFUHRsOv4Oo3BKCrXH4aJbSuGteawfTHDUfZFs6fhxsvIi+JkRti063i4l2Q8Upc0uQIDbhz8syqkTMvRUh06QBeOuNw+GbDVv8C/eDENH7a4FaWDQuKW0yr0/n3Bh0o+PoqCyCeBPD/naLmEP1ZLdjb4LAu5+GlWpWHvzGdLOxkIa+Mx1TWVhv+PqF+k1Kam823iWvpyKPc09tRrz/zqul30RAFO+m5NeKZh3s1Sn0+PAxSXrNvj6Jl07UGdwxUwZX7VLlhpRKm3Weah7weM32ageXFqzRqF/sVuWiewWP/xP4fQfYnqjUT0FGHDUpsreDPyAH77w8G2A1+yf+DtDoakxNo+IruPkcW7zrAkeyRPrGujgjzGVgfBdXA==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIF9zCCA9+gAwIBAgIJAJUBLHaUBJ/8MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzAeFw0xNzAzMDMwOTQ1MDRaFw0yNzAzMDMwOTQ1MDRaMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMl2IH41Eximbopm+JdeePuCd6jByUMjQsDB5Rv+XbjTEHEDbBSZSE+Hhc33dp2n+GudiNxab2NbKsosNGx4F4c2j5S3pU7gqCl/Gp3MXxpbC4XdY30/MuxIu1J1sHITzlEmLZ4CHR7KfpRNLYo3i0DnHVhDjgrvGBH4aGDbo2w22wg/uTrEp6dVtnqschcBwtJGl2B+r1FYFVmA5YB55rvwTZ7Dw9eVayMOJsWwFETH9C+BwY3lAMII5e/5hnT5EpxC9U8KIX2ZBm6vcllPKTUcH1h/2IzgD/0+aKK34bqtmuR1qlcYHqOMspysGLKzcwmXIWeF53Jb4YaeNe/HGvMVFLO42ja0R2mMDM5uo3frg4WckcHqUapN3r3PC6qmY3Ki6xxlsI4W/zEgNuLMLZksWJOs2/uik+JppwFWJwomqg3dKeZoJi0CJJhPRVBalu+oMNJTCSBQx3Vi6YMuVnYkuZ5e4XFa9z1LDZQtFo0f1GVfSoEUPdp1vYO7oeLQPl9n1kh4O6G4/ZnZswykpKeE43uDRIUKNXzmLET8DG8OWTxxNGDNOExczDURO3XR1yDHXkgHSSvQN2kVWr/OSqUqLsIRbRJ6WlSeb0klhrc3iAakN4lGgVR8E+BRu4hPxSuh4LmAavI+rP5W4DtgHmDph5jxySedwfZfSNDb7yNxAgMBAAGjUDBOMB0GA1UdDgQWBBTD7IDpPIq8HDNfcc90GX5XlJCAVjAfBgNVHSMEGDAWgBTD7IDpPIq8HDNfcc90GX5XlJCAVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC8b72JvsSW6w6FxBQ3vjyv0US31nZdBbRSnduSuU/QpEE1AjHjtcC/ItM8UjCiCm1HZlmG5RTQSCB+x+jok7WKSB9TxUQy2eMc2RonyNOhRs4rBjK1A/XGq/fQAfAO0KsWOmLnNjDCuzh2o5IxJYcEGK1LWUFrd3A1fjCzmWuQH+3uLw3HRnj0HRXXnKxknAF1acdSfR9ArlOzFndmbVIOIaLhT/LJ9jP4auhTDK+ug+jWNhpBecFFfLi223b9moEGilRInKmj2h1Qky7pNwJqDOt1LlyZ77HR8OXBF/AhXFItjOAFUHRsOv4Oo3BKCrXH4aJbSuGteawfTHDUfZFs6fhxsvIi+JkRti063i4l2Q8Upc0uQIDbhz8syqkTMvRUh06QBeOuNw+GbDVv8C/eDENH7a4FaWDQuKW0yr0/n3Bh0o+PoqCyCeBPD/naLmEP1ZLdjb4LAu5+GlWpWHvzGdLOxkIa+Mx1TWVhv+PqF+k1Kam823iWvpyKPc09tRrz/zqul30RAFO+m5NeKZh3s1Sn0+PAxSXrNvj6Jl07UGdwxUwZX7VLlhpRKm3Weah7weM32ageXFqzRqF/sVuWiewWP/xP4fQfYnqjUT0FGHDUpsreDPyAH77w8G2A1+yf+DtDoakxNo+IruPkcW7zrAkeyRPrGujgjzGVgfBdXA==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://saml.hivos.org/simplesaml/saml2/idp/SingleLogoutService.php"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://saml.hivos.org/simplesaml/saml2/idp/SSOService.php"/> </md:IDPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Hivos</md:GivenName> <md:SurName>ICT</md:SurName> <md:EmailAddress>admin@hivos.org</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
SimpleSAMLphp formaadis: kasuta seda siis, kui ka teine pool kasutab SimpleSAMLphp-d:
$metadata['https://saml.hivos.org/simplesaml/saml2/idp/metadata.php'] = array ( 'metadata-set' => 'saml20-idp-remote', 'entityid' => 'https://saml.hivos.org/simplesaml/saml2/idp/metadata.php', 'SingleSignOnService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://saml.hivos.org/simplesaml/saml2/idp/SSOService.php', ), ), 'SingleLogoutService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://saml.hivos.org/simplesaml/saml2/idp/SingleLogoutService.php', ), ), 'certData' => 'MIIF9zCCA9+gAwIBAgIJAJUBLHaUBJ/8MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzAeFw0xNzAzMDMwOTQ1MDRaFw0yNzAzMDMwOTQ1MDRaMIGRMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMREwDwYDVQQHDAhEZW4gSGFhZzEOMAwGA1UECgwFSGl2b3MxDDAKBgNVBAsMA0lDVDEXMBUGA1UEAwwOc2FtbC5oaXZvcy5vcmcxITAfBgkqhkiG9w0BCQEWEmhlbHBkZXNrQGhpdm9zLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMl2IH41Eximbopm+JdeePuCd6jByUMjQsDB5Rv+XbjTEHEDbBSZSE+Hhc33dp2n+GudiNxab2NbKsosNGx4F4c2j5S3pU7gqCl/Gp3MXxpbC4XdY30/MuxIu1J1sHITzlEmLZ4CHR7KfpRNLYo3i0DnHVhDjgrvGBH4aGDbo2w22wg/uTrEp6dVtnqschcBwtJGl2B+r1FYFVmA5YB55rvwTZ7Dw9eVayMOJsWwFETH9C+BwY3lAMII5e/5hnT5EpxC9U8KIX2ZBm6vcllPKTUcH1h/2IzgD/0+aKK34bqtmuR1qlcYHqOMspysGLKzcwmXIWeF53Jb4YaeNe/HGvMVFLO42ja0R2mMDM5uo3frg4WckcHqUapN3r3PC6qmY3Ki6xxlsI4W/zEgNuLMLZksWJOs2/uik+JppwFWJwomqg3dKeZoJi0CJJhPRVBalu+oMNJTCSBQx3Vi6YMuVnYkuZ5e4XFa9z1LDZQtFo0f1GVfSoEUPdp1vYO7oeLQPl9n1kh4O6G4/ZnZswykpKeE43uDRIUKNXzmLET8DG8OWTxxNGDNOExczDURO3XR1yDHXkgHSSvQN2kVWr/OSqUqLsIRbRJ6WlSeb0klhrc3iAakN4lGgVR8E+BRu4hPxSuh4LmAavI+rP5W4DtgHmDph5jxySedwfZfSNDb7yNxAgMBAAGjUDBOMB0GA1UdDgQWBBTD7IDpPIq8HDNfcc90GX5XlJCAVjAfBgNVHSMEGDAWgBTD7IDpPIq8HDNfcc90GX5XlJCAVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQC8b72JvsSW6w6FxBQ3vjyv0US31nZdBbRSnduSuU/QpEE1AjHjtcC/ItM8UjCiCm1HZlmG5RTQSCB+x+jok7WKSB9TxUQy2eMc2RonyNOhRs4rBjK1A/XGq/fQAfAO0KsWOmLnNjDCuzh2o5IxJYcEGK1LWUFrd3A1fjCzmWuQH+3uLw3HRnj0HRXXnKxknAF1acdSfR9ArlOzFndmbVIOIaLhT/LJ9jP4auhTDK+ug+jWNhpBecFFfLi223b9moEGilRInKmj2h1Qky7pNwJqDOt1LlyZ77HR8OXBF/AhXFItjOAFUHRsOv4Oo3BKCrXH4aJbSuGteawfTHDUfZFs6fhxsvIi+JkRti063i4l2Q8Upc0uQIDbhz8syqkTMvRUh06QBeOuNw+GbDVv8C/eDENH7a4FaWDQuKW0yr0/n3Bh0o+PoqCyCeBPD/naLmEP1ZLdjb4LAu5+GlWpWHvzGdLOxkIa+Mx1TWVhv+PqF+k1Kam823iWvpyKPc09tRrz/zqul30RAFO+m5NeKZh3s1Sn0+PAxSXrNvj6Jl07UGdwxUwZX7VLlhpRKm3Weah7weM32ageXFqzRqF/sVuWiewWP/xP4fQfYnqjUT0FGHDUpsreDPyAH77w8G2A1+yf+DtDoakxNo+IruPkcW7zrAkeyRPrGujgjzGVgfBdXA==', 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', 'contacts' => array ( 0 => array ( 'emailAddress' => 'admin@hivos.org', 'contactType' => 'technical', 'givenName' => 'Hivos', 'surName' => 'ICT', ), ), );
Sertifikaadid
Lae alla X509 sertifikaadid PEM kodeeringus failidena.