9ee7c05d33c8bc45c630b535965815e270e2d7f6
[java-idp.git] / resources / metadata / idp-metadata.xml
1 <EntityDescriptor entityID="$IDP_ENTITY_ID$"
2                   xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
3                   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
4                   xmlns:shibmd="urn:mace:shibboleth:metadata:1.0"
5                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
6
7     <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
8
9         <Extensions>
10             <shibmd:Scope regexp="false">$IDP_SCOPE$</shibmd:Scope>
11         </Extensions>
12
13         <KeyDescriptor>
14             <ds:KeyInfo>
15                 <ds:X509Data>
16                     <ds:X509Certificate>
17 $IDP_CERTIFICATE$
18                     </ds:X509Certificate>
19                 </ds:X509Data>
20             </ds:KeyInfo>
21
22         </KeyDescriptor>
23         
24         <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
25                                    Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML1/SOAP/ArtifactResolution" 
26                                    index="1"/>
27
28         <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
29                                    Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/ArtifactResolution" 
30                                    index="2"/>
31                                    
32         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
33         <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
34
35         <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" 
36                              Location="https://$IDP_HOSTNAME$/idp/profile/Shibboleth/SSO" />
37
38         
39         <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
40                              Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST/SSO" />
41
42         <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" 
43                              Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/POST-SimpleSign/SSO" />
44         
45         <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
46                              Location="https://$IDP_HOSTNAME$/idp/profile/SAML2/Redirect/SSO" />
47     </IDPSSODescriptor>
48
49     <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
50
51         <Extensions>
52             <shibmd:Scope regexp="false">$IDP_SCOPE$</shibmd:Scope>
53         </Extensions>
54
55         <KeyDescriptor>
56             <ds:KeyInfo>
57                 <ds:X509Data>
58
59                     <ds:X509Certificate>
60 $IDP_CERTIFICATE$
61                     </ds:X509Certificate>
62                 </ds:X509Data>
63             </ds:KeyInfo>
64         </KeyDescriptor>
65
66         <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" 
67                           Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML1/SOAP/AttributeQuery" />
68         
69         <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
70                           Location="https://$IDP_HOSTNAME$:8443/idp/profile/SAML2/SOAP/AttributeQuery" />
71         
72         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
73         <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>    
74     </AttributeAuthorityDescriptor>
75     
76 </EntityDescriptor>