pySAML2

  1. Bug #931672
  2. Comment #8

Comment 8 for bug 931672

Revision history for this message
MaLa (marco-malavolti) wrote :

    Yes sure! Here you are:

    idp_metadata.xml:

    <?xml version="1.0" encoding="UTF-8"?>
    <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.xxx.it/idp/shibboleth">

        <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">

            <Extensions>
                <shibmd:Scope regexp="false">unimo.it</shibmd:Scope>
            </Extensions>

            <KeyDescriptor>
                <ds:KeyInfo>
                    <ds:X509Data>
                        <ds:X509Certificate>
    MIIDLDCCAhSgAwIBAgIVAMByuzNVg9NccgI7pZbhZo1Hb5zGMA0GCSqGSIb3DQEB
    BQUAMBsxGTAXBgNVBAMTEGlkcC5sYWIudW5pbW8uaXQwHhcNMTExMDE3MTcyMzQw
    WhcNMzExMDE3MTcyMzQwWjAbMRkwFwYDVQQDExBpZHAubGFiLnVuaW1vLml0MIIB
    IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz/7W1lCjc/KQDgTOWZB4Eq3
    8L/UCT80P6BNTVm5r4Iz9uIdKnLgVbalqqi/U7IpSMVzGb8fHoe6w98HACC2f34p
    dx4dA+kHQgUnVuwrCn4Xfe9uj26LCriRmNhfclSHN9fye5KKYsyie7K+1xU81AM/
    abRAhN8QFCdY/04Awhlu6wpZ1fnpjVTuT0vJfDmEQJGzLklmUNgraxOymdIwut3c
    uo6/c6BFoGrZP7wZAZtUEImTTAUvNSW1dtrbVgO4eWT3vFh2YTIc7kga6gEc9e/e
    m/hX387IjhRc2qOSacnjVvb8XroL5VoOA/3G9UUrrvqgop08aZav0W5xNKPArwID
    AQABo2cwZTBEBgNVHREEPTA7ghBpZHAubGFiLnVuaW1vLml0hidodHRwczovL2lk
    cC5sYWIudW5pbW8uaXQvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFDhLVKR/ord0
    hSCe2fo50gxY8yt0MA0GCSqGSIb3DQEBBQUAA4IBAQBaZhEcEMqM5YoE3fA5RuUY
    861MJ9CufJQf4x7wX+OHCn38y/wjslb75bX1fkAXAINfuCCLfpWLxRx1pwZmqwYp
    bbSX9phTe55pBwia4gWFYSEPzXrjzTFXwja+DpaGIxft4ueqkyxYIW9YKgRCQIBq
    C2uvovllJeLQmZ2qJF45wm67v4uFZzV+PI58nlyEdlyyjbFPJ3WomgiE5sGDJx2q
    ZN1w5d4lsJ/IrC6bZBHf5Ax/MsVTcRin+rI0V1qDVROvxt1JjcyIZyqj+1TuVLKK
    08sIFCHmvai0BwLpipr4xwzBUSJOVqfCbwIhgkhfxkby38wE7C0mGYQpO8YMGqs3

                        </ds:X509Certificate>
                    </ds:X509Data>
                </ds:KeyInfo>
            </KeyDescriptor>

            <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.xxx.it:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>

            <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.xxx.it:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>

            <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
            <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>

            <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.xxx.it/idp/profile/Shibboleth/SSO"/>

            <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.xxx.it/idp/profile/SAML2/POST/SSO"/>

            <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.xxx.it/idp/profile/SAML2/POST-SimpleSign/SSO"/>

            <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.xxx.it/idp/profile/SAML2/Redirect/SSO"/>
        </IDPSSODescriptor>

        <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">

            <Extensions>
                <shibmd:Scope regexp="false">unimo.it</shibmd:Scope>
            </Extensions>

            <KeyDescriptor>
                <ds:KeyInfo>
                    <ds:X509Data>
                        <ds:X509Certificate>
    MIIDLDCCAhSgAwIBAgIVAMByuzNVg9NccgI7pZbhZo1Hb5zGMA0GCSqGSIb3DQEB
    BQUAMBsxGTAXBgNVBAMTEGlkcC5sYWIudW5pbW8uaXQwHhcNMTExMDE3MTcyMzQw
    WhcNMzExMDE3MTcyMzQwWjAbMRkwFwYDVQQDExBpZHAubGFiLnVuaW1vLml0MIIB
    IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz/7W1lCjc/KQDgTOWZB4Eq3
    8L/UCT80P6BNTVm5r4Iz9uIdKnLgVbalqqi/U7IpSMVzGb8fHoe6w98HACC2f34p
    dx4dA+kHQgUnVuwrCn4Xfe9uj26LCriRmNhfclSHN9fye5KKYsyie7K+1xU81AM/
    abRAhN8QFCdY/04Awhlu6wpZ1fnpjVTuT0vJfDmEQJGzLklmUNgraxOymdIwut3c
    uo6/c6BFoGrZP7wZAZtUEImTTAUvNSW1dtrbVgO4eWT3vFh2YTIc7kga6gEc9e/e
    m/hX387IjhRc2qOSacnjVvb8XroL5VoOA/3G9UUrrvqgop08aZav0W5xNKPArwID
    AQABo2cwZTBEBgNVHREEPTA7ghBpZHAubGFiLnVuaW1vLml0hidodHRwczovL2lk
    cC5sYWIudW5pbW8uaXQvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFDhLVKR/ord0
    hSCe2fo50gxY8yt0MA0GCSqGSIb3DQEBBQUAA4IBAQBaZhEcEMqM5YoE3fA5RuUY
    861MJ9CufJQf4x7wX+OHCn38y/wjslb75bX1fkAXAINfuCCLfpWLxRx1pwZmqwYp
    bbSX9phTe55pBwia4gWFYSEPzXrjzTFXwja+DpaGIxft4ueqkyxYIW9YKgRCQIBq
    C2uvovllJeLQmZ2qJF45wm67v4uFZzV+PI58nlyEdlyyjbFPJ3WomgiE5sGDJx2q
    ZN1w5d4lsJ/IrC6bZBHf5Ax/MsVTcRin+rI0V1qDVROvxt1JjcyIZyqj+1TuVLKK
    08sIFCHmvai0BwLpipr4xwzBUSJOVqfCbwIhgkhfxkby38wE7C0mGYQpO8YMGqs3

                        </ds:X509Certificate>
                    </ds:X509Data>
                </ds:KeyInfo>
            </KeyDescriptor>

            <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.xxx.it:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>

            <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.xxx.it:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>

            <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
            <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>

        </AttributeAuthorityDescriptor>

    </EntityDescriptor>