SAML 2.0 SP metadata

This is the metadata that SimpleSAMLphp has generated for you. You can send this metadata to trusted partners to set up a trusted federation.

The metadata XML is available at a dedicated URL:

https://auth.ut.ee/idp/module.php/saml/sp/metadata.php/ut-azure

Metadata

In SAML 2.0 metadata XML format:

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="spn:41c12888-76e8-4a9c-8e92-8d82d37a7936">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://auth.ut.ee/idp/module.php/saml/sp/saml2-logout.php/ut-azure"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://auth.ut.ee/idp/module.php/saml/sp/saml2-acs.php/ut-azure" index="0"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://auth.ut.ee/idp/module.php/saml/sp/saml1-acs.php/ut-azure" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://auth.ut.ee/idp/module.php/saml/sp/saml2-acs.php/ut-azure" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://auth.ut.ee/idp/module.php/saml/sp/saml1-acs.php/ut-azure/artifact" index="3"/>
  </md:SPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:GivenName>UT</md:GivenName>
    <md:SurName>Admin</md:SurName>
    <md:EmailAddress>mailto:devops@ut.ee</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>

In SimpleSAMLphp format: use this if the other side also uses SimpleSAMLphp:

$metadata['spn:41c12888-76e8-4a9c-8e92-8d82d37a7936'] = [
    'SingleLogoutService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'https://auth.ut.ee/idp/module.php/saml/sp/saml2-logout.php/ut-azure',
        ],
    ],
    'AssertionConsumerService' => [
        [
            'index' => 0,
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
            'Location' => 'https://auth.ut.ee/idp/module.php/saml/sp/saml2-acs.php/ut-azure',
        ],
        [
            'index' => 1,
            'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
            'Location' => 'https://auth.ut.ee/idp/module.php/saml/sp/saml1-acs.php/ut-azure',
        ],
        [
            'index' => 2,
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
            'Location' => 'https://auth.ut.ee/idp/module.php/saml/sp/saml2-acs.php/ut-azure',
        ],
        [
            'index' => 3,
            'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
            'Location' => 'https://auth.ut.ee/idp/module.php/saml/sp/saml1-acs.php/ut-azure/artifact',
        ],
    ],
    'contacts' => [
        [
            'emailAddress' => 'devops@ut.ee',
            'contactType' => 'technical',
            'givenName' => 'UT',
            'surName' => 'Admin',
        ],
    ],
];