Update metadata and example key references
[java-idp.git] / src / conf / ExampleMetadata.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <!-- A single-entity "Federation". An IdP and SP in example.org.
4          Endpoints are hosted on a single server named shibboleth.example.org
5          and have a URL like: "http://shibboleth.example.org:8080/shibboleth/SSO"
6          
7          Notes:
8          This file must agree with IdP.xml and SP.xml.
9          The Endpoint URLs must agree with Servlet mappings in web.xml
10             [in the project source, web.xml is webAppConfig/IdP-SP.xml]
11 -->
12
13 <!--  A single Entity Federation (a Group with one member) -->
14 <EntitiesDescriptor
15     xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
16     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
17     xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata ../schemas/sstc-saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 ../schemas/shibboleth-metadata-1.0.xsd"
18     Name="urn:mace:inqueue"
19     validUntil="2010-01-01T00:00:00Z">
20
21         <!-- Then Entity, an organization named example.org  -->
22         <EntityDescriptor entityID="urn:mace:inqueue:example.org">
23
24             <!-- The login function of the IdP, previously called the "Handle Server" 
25                  Accepts a local logon and generates an Authentication Assertion.
26             -->
27                 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
28                         <Extensions>
29                         <shib:Scope xmlns:shib="urn:mace:shibboleth:metadata:1.0">example.org</shib:Scope>
30                         </Extensions>
31                         <KeyDescriptor use="signing">
32                             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
33                                 <ds:KeyName>shibboleth.example.org</ds:KeyName>
34                             </ds:KeyInfo>
35                         </KeyDescriptor>
36                         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
37                         <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
38                             Location="http://shibboleth.example.org:8080/shibboleth/SSO"/>
39                 </IDPSSODescriptor>
40                 
41                 <!-- The Attribute Authority responds to an Attribute Request -->
42                 <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
43                         <Extensions>
44                         <shib:Scope xmlns:shib="urn:mace:shibboleth:metadata:1.0">example.org</shib:Scope>
45                         </Extensions>
46                         <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
47                             Location="http://shibboleth.example.org:8080/shibboleth/AA"/>
48                         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
49                 </AttributeAuthorityDescriptor>
50                 
51                 <!-- A recipient of Assertions in the SP.
52                          There may be many such recipients, as the Assertions can be
53                          configured to go to /shibboleth or to each Resource context directory.  
54                 -->
55                 <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
56                         <KeyDescriptor>
57                             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
58                                 <ds:KeyName>shibboleth.example.org</ds:KeyName>
59                             </ds:KeyInfo>
60                         </KeyDescriptor>
61                         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
62                     <AssertionConsumerService index="0"
63                         Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
64                         Location="http://shibboleth.example.org:8080/shibboleth/Shibboleth.shire"/>
65                 </SPSSODescriptor>
66                 
67                 <!-- Oranization data. In this example it is meaningless. -->
68                 <Organization>
69                     <OrganizationName xml:lang="en">Example Entity</OrganizationName>
70                     <OrganizationDisplayName xml:lang="en">Example Entity</OrganizationDisplayName>
71                     <OrganizationURL xml:lang="en">http://www.example.org</OrganizationURL>
72                 </Organization>
73                 <ContactPerson contactType="technical">
74                     <SurName>Example Support</SurName>
75                     <EmailAddress>supportguy@mail.example.org</EmailAddress>
76                 </ContactPerson>
77                 
78         </EntityDescriptor>
79
80 </EntitiesDescriptor>