Metadados SAML 2.0 SP
De seguida pode encontrar os metadados gerados pelo SimpleSAMLphp. Pode enviar este documento de metadados aos seus parceiros para configurar uma federação.
Pode obter os metadados em XML num URL dedicado:
https://test.scoutid.se/simplesaml/module.php/saml/sp/metadata.php/default-sp
Metadados
Metadados no formato XML SAML 2.0
<?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://test.scoutid.se/simplesaml/module.php/saml/sp/metadata.php/default-sp" ID="_e809e5ff194486c5f44db0b90d3d3ec3b6b5ac89f99e65ae983e45e731fda336"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_e809e5ff194486c5f44db0b90d3d3ec3b6b5ac89f99e65ae983e45e731fda336"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>VnZL8i+Xd6b08PUjEd7UEsVEls6ablrQUuTDTIXT2Q4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>imr8fgfYDJru3EnbE6H7drudxAXcGLDQm//HMOpHphWSHeWGj35q+t7MKSNF3M551W+k+KDJDzljRryT8ISoPTkKgFXbRCL2/zEbMyh3xr6/7m6WZF/Farl6d/N90kuAcUVcdUkn2wvNscm3LmZMIDFx0mQOhtO7sn5M6yxI97ZZDEgjcN1aXBbYLBvG59jKMsxWgXeQwXzpkyA7o0q3PiSCWAMvxRInRQltGfg1qXBeqk2T5JIOG+BZkpIGFLJJoAMjA/w1nHtkj5ugNcbz2rVPOWdHMyKjEDpvvGBECIXss3kw0j7mxlKF6cv06qqUP+E3xXcLpA9nO6e5F8Gx/w==</ds:SignatureValue> <ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIFUTCCBDmgAwIBAgIQP0bqtM+1bnkNt5lUZIuJXDANBgkqhkiG9w0BAQsFADCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTAeFw0xODAyMTUwMDAwMDBaFw0yMTAyMTQyMzU5NTlaMFMxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEUMBIGA1UECxMLUG9zaXRpdmVTU0wxGDAWBgNVBAMTD3Rlc3Quc2NvdXRpZC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAFnLHrgB6Y3TJE2B25uuN+btaHlHAMi98j1TTer3yXW7lirlw+tfBMObkM/ofHa8EFBDbcCNIr8bgs9ey3z7Qc6/1xMhcCMzn6h3hZALp0MIcSuNk4HERihPFt1sd6bxC1Gn081BU+TssxtkOyuzwIgv7uWweMWnPjQI8LUCCWf5mqwtwqXB8F6639ZN0Zx8KDn84wCRlshCHbgMBbe5uZJHsLR+2r5cDDfqJ7PT4IfK5HBVWFEHWXSNaVECOezQJZ4uwJ8W7459k2oYH81ruk1DrH6dl/L2ItEbOlX0vpildpmBun9BFmVjHj86omzA5ahtGTYqgJcOGvS4ft2lUCAwEAAaOCAeEwggHdMB8GA1UdIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBTDunXoOqjIbkUNZuqFNpUwKG3r+zAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQICBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wLwYDVR0RBCgwJoIPdGVzdC5zY291dGlkLnNlghN3d3cudGVzdC5zY291dGlkLnNlMA0GCSqGSIb3DQEBCwUAA4IBAQBjq+FQdDCZI2c5AyX6dlRX20Yr1XEgcl9slcK+w8GKakVfNf4gsqDhumytW+r9nL7lGdEHniZ3Eo2FwTgwOSMq6VXVF6/OG5+JWBGWSutrz3Uvp++JfmvJEIo6Fy3RQyyXku+RxoUu7rIIfCuTH8TfM2YS2TTSXtYoU0ka3UmvW0vbOqmiRjllD07EjWhOpXFcw/2BpSfzOjE2HGD5L4ur3JSW27nYz+NmKuHFM5jCpMAgkT7GzycCqplCMNgRuWMUnnBTryaAyHffisQO634wH0Ms92EC8nnUoXQM2TjsuRT4PxBP+UlojPXD2aHZzDiB3QksroQj44GgMtwOw6/m</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol"> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test.scoutid.se/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test.scoutid.se/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test.scoutid.se/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test.scoutid.se/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://test.scoutid.se/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/> </md:SPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Administrator</md:GivenName> <md:EmailAddress>mailto:info@scoutid.se</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
Metadados no formato ficheiro de configuração do SimpleSAMLphp. Use esta alternativa se usar uma entidade SimpleSAMLphp no outro extremo:
$metadata['https://test.scoutid.se/simplesaml/module.php/saml/sp/metadata.php/default-sp'] = [ 'SingleLogoutService' => [ [ 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://test.scoutid.se/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp', ], ], 'AssertionConsumerService' => [ [ 'index' => 0, 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'Location' => 'https://test.scoutid.se/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp', ], [ 'index' => 1, 'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post', 'Location' => 'https://test.scoutid.se/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp', ], [ 'index' => 2, 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact', 'Location' => 'https://test.scoutid.se/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp', ], [ 'index' => 3, 'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01', 'Location' => 'https://test.scoutid.se/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp/artifact', ], ], 'contacts' => [ [ 'emailAddress' => 'info@scoutid.se', 'contactType' => 'technical', 'givenName' => 'Administrator', ], ], ];