src/conf/ExampleMetadata.xml

   1 <?xml version="1.0" encoding="UTF-8"?>
   2
   3 <!-- A single-entity "Federation". An IdP and SP in example.org.
   4          Endpoints are hosted on a single server named shibboleth.example.org
   5          and have a URL like: "http://shibboleth.example.org:8080/shibboleth/SSO"
   6
   7          Notes:
   8          This file must agree with IdP.xml and SP.xml.
   9          The Endpoint URLs must agree with Servlet mappings in web.xml
  10             [in the project source, web.xml is webAppConfig/IdP-SP.xml]
  11 -->
  12
  13 <!--  A single Entity Federation (a Group with one member) -->
  14 <EntitiesDescriptor
  15     xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
  16     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  17     xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata ../schemas/sstc-saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 ../schemas/shibboleth-metadata-1.0.xsd"
  18     Name="urn:mace:inqueue"
  19     validUntil="2010-01-01T00:00:00Z">
  20
  21         <!-- Then Entity, an organization named example.org  -->
  22         <EntityDescriptor entityID="urn:mace:inqueue:example.org">
  23
  24             <!-- The login function of the IdP, previously called the "Handle Server"
  25                  Accepts a local logon and generates an Authentication Assertion.
  26             -->
  27                 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
  28                         <Extensions>
  29                         <shib:Scope xmlns:shib="urn:mace:shibboleth:metadata:1.0">example.org</shib:Scope>
  30                         </Extensions>
  31                         <KeyDescriptor use="signing">
  32                             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  33                                 <ds:KeyName>shibboleth.example.org</ds:KeyName>
  34                             </ds:KeyInfo>
  35                         </KeyDescriptor>
  36                         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
  37                         <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
  38                             Location="http://shibboleth.example.org:8080/shibboleth/SSO"/>
  39                 </IDPSSODescriptor>
  40
  41                 <!-- The Attribute Authority responds to an Attribute Request -->
  42                 <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
  43                         <Extensions>
  44                         <shib:Scope xmlns:shib="urn:mace:shibboleth:metadata:1.0">example.org</shib:Scope>
  45                         </Extensions>
  46                         <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
  47                             Location="http://shibboleth.example.org:8080/shibboleth/AA"/>
  48                         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
  49                 </AttributeAuthorityDescriptor>
  50
  51                 <!-- A recipient of Assertions in the SP.
  52                          There may be many such recipients, as the Assertions can be
  53                          configured to go to /shibboleth or to each Resource context directory.
  54                 -->
  55                 <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
  56                         <KeyDescriptor>
  57                             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  58                                 <ds:KeyName>shibboleth.example.org</ds:KeyName>
  59                             </ds:KeyInfo>
  60                         </KeyDescriptor>
  61                         <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
  62                     <AssertionConsumerService index="0"
  63                         Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
  64                         Location="http://shibboleth.example.org:8080/shibboleth/Shibboleth.shire"/>
  65                 </SPSSODescriptor>
  66
  67                 <!-- Oranization data. In this example it is meaningless. -->
  68                 <Organization>
  69                     <OrganizationName xml:lang="en">Example Entity</OrganizationName>
  70                     <OrganizationDisplayName xml:lang="en">Example Entity</OrganizationDisplayName>
  71                     <OrganizationURL xml:lang="en">http://www.example.org</OrganizationURL>
  72                 </Organization>
  73                 <ContactPerson contactType="technical">
  74                     <SurName>Example Support</SurName>
  75                     <EmailAddress>supportguy@mail.example.org</EmailAddress>
  76                 </ContactPerson>
  77
  78         </EntityDescriptor>
  79
  80 </EntitiesDescriptor>