This is a starter set of metadata for the example system used within the
InQueue test federation. The InQueue deployment guide describes how to use
metadatatool or siterefresh to pick up the most current signed files.
- Ordinarily a single EntityDescriptor would contain IdP/AA or SP information,
- but not both. The sample site for InQueue just happens to contain both.
-->
<!-- Each IdP or SP is given an EntityDescriptor with its unique providerId/entityID. -->
<ds:KeyName>wayf.internet2.edu</ds:KeyName>
</ds:KeyInfo>
</KeyDescriptor>
+
+ <!-- This tells SPs where/how to resolve SAML 1.x artifacts into SAML assertions. -->
+ <ArtifactResolutionService index="1"
+ Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
+ Location="https://wayf.internet2.edu:8443/shibboleth-idp/Artifact"/>
<!-- This tells SPs that you support only the Shib handle format. -->
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<!-- This tells SPs how and where to request authentication. -->
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
- Location="https://wayf.internet2.edu/shibboleth-1.2/HS"/>
+ Location="https://wayf.internet2.edu/shibboleth-idp/SSO"/>
</IDPSSODescriptor>
<!-- Most Shib IdPs also support SAML attribute queries, so this role is also included. -->
<!-- This tells SPs how and where to send queries. -->
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
- Location="https://wayf.internet2.edu/shibboleth-1.2/AA"/>
+ Location="https://wayf.internet2.edu:8443/shibboleth-idp/AA"/>
<!-- This tells SPs that you support only the Shib handle format. -->
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
</AttributeAuthorityDescriptor>
-
+
<!-- A Shib SP contains this element with protocol support as shown. -->
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
is how the IdP validates the location and also figures out which
SAML profile to use.
-->
- <AssertionConsumerService index="0"
- Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
- Location="https://wayf.internet2.edu/Shibboleth.shire"/>
+ <AssertionConsumerService index="1"
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+ Location="https://wayf.internet2.edu/Shibboleth.sso/SAML/POST"/>
+ <AssertionConsumerService index="2"
+ Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
+ Location="https://wayf.internet2.edu/Shibboleth.sso/SAML/Artifact"/>
</SPSSODescriptor>
- <!-- This is just information about the entity in human terms. -->
- <Organization>
- <OrganizationName xml:lang="en">Example State University</OrganizationName>
- <OrganizationDisplayName xml:lang="en">Example State University</OrganizationDisplayName>
- <OrganizationURL xml:lang="en">http://shibboleth.internet2.edu/</OrganizationURL>
- </Organization>
- <ContactPerson contactType="technical">
- <SurName>InQueue Support</SurName>
- <EmailAddress>inqueue-support@internet2.edu</EmailAddress>
- </ContactPerson>
-
</EntityDescriptor>
</EntitiesDescriptor>
projects / java-idp.git / commitdiff