Metadati SAML 2.0 IdP

Questi sono i metadati che SimpleSAMLphp ha generato e che possono essere inviati ai partner fidati per creare una federazione tra siti.

Si possono ottenere i metadati in XML dall'URL dedicata:

https://dcloud-dcv-idp.svpod.dc-01.com/simplesaml/saml2/idp/metadata.php

Metadati

Metadati SAML 2.0 in formato XML:

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="dcloud-dcv-idp.svpod.dc-01.com">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIFJTCCA42gAwIBAgIJAKVQCYcLdydQMA0GCSqGSIb3DQEBCwUAMIGHMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2UxFjAUBgNVBAoMDUNpc2NvIFN5c3RlbXMxDzANBgNVBAsMBmRjbG91ZDEnMCUGA1UEAwweZGNsb3VkLWRjdi1pZHAuc3Zwb2QuZGMtMDEuY29tMB4XDTE5MTIwOTE1Mjk1NloXDTI5MTIwODE1Mjk1NlowgYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEWMBQGA1UECgwNQ2lzY28gU3lzdGVtczEPMA0GA1UECwwGZGNsb3VkMScwJQYDVQQDDB5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wMS5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDYt6IO2VLbHUnF4tWOVa3rfuzCf+htuC4zdwHdm8DmbrbU7oz14q+Ta/zRFyavVvcgdPfnYPLIIpIJ9FuYCCUy/ArWxch073MI1oSe1Z3vF3+AXrbwiv+0fUXQBSYw6fqs4pBOLXw8IuU3rE7R0NjNGVF7clDjWVPKEpCgZxtP8xAgPmKtRJIsFeV9ek6JEbJxLLqwd49Nyu28xXH2lZl+BTmw9XXkGIe/DF+k3MjAPGOEc4bdgYy/g3VvX4u/GFtKo+jUp0AA6V76y1WUHIb9V3w2eIGxG7I/m9sW4qHgcVteFpB9YNgXjcDSBR8JhXZLaquxIwKSaK61H/VYA+C8NIaWhmb4hGeyOaCsjlKaEJnt6t5jIPPPK3/u9FGAo4x44ISfF7rb81hPAljis2ypyrKKdvemCgvrQ8AKQ8DL/tmScbCCk+ZWY0Q9IiWN5NDvEklH7LI0dczdMcxeCNicFybnXQKxKZQq4jgIDQY2AK6j1JtoPHqHMBzCOQEe9WcCAwEAAaOBkTCBjjCBiwYDVR0RBIGDMIGAgh5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wMi5jb22CHmRjbG91ZC1kY3YtaWRwLnN2cG9kLmRjLTAzLmNvbYIeZGNsb3VkLWRjdi1pZHAuc3Zwb2QuZGMtMDUuY29tgh5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wOC5jb20wDQYJKoZIhvcNAQELBQADggGBAIrtTlQ1zWPdmjCmicnJXs32khiKYiHkPrkcz9x469hKqvo7dAfHID0GHJlPSdVkkXRLWiyRO1jPGKHW+rljMAoPOeWpV3KkWkTwVSLna2FWRJRGmyyPmW/yds1kF5dgwdjSrdlOfbeFdItUFgbB/gilUXfdHxZo/T5bl+jJHy38xewmyq9jbnn4wySqpgU3WppJtu94JRwxIG2qAq1Mq/tJWsCfnSZ2sc6wsKrT9yiDDP2ybB1GqZaRtTcXM9jZzcFo78d5E9T+lZGTkgEYjXOuZ2/5Q0U1DxB1sn1srk2zUmgBAwDOJyDfm1MhdKSAtmG+90/HynC6WYquuQayfPAmRHynhyHBsZH7ooSGVsCMgou+c8P0s4vzWg0WDU2mPIPVCAPWZBjmPr4N+DxlRRk7KsMxA/hJqmgVQhxkipZyUT5oc2gGpTs3G08b9SGCewcLpiM70PAKK38Unhpbev0iCeYMw2UFl0heIEusFsyrU95liUqhH8xvGfWQDFtYOw==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIFJTCCA42gAwIBAgIJAKVQCYcLdydQMA0GCSqGSIb3DQEBCwUAMIGHMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2UxFjAUBgNVBAoMDUNpc2NvIFN5c3RlbXMxDzANBgNVBAsMBmRjbG91ZDEnMCUGA1UEAwweZGNsb3VkLWRjdi1pZHAuc3Zwb2QuZGMtMDEuY29tMB4XDTE5MTIwOTE1Mjk1NloXDTI5MTIwODE1Mjk1NlowgYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEWMBQGA1UECgwNQ2lzY28gU3lzdGVtczEPMA0GA1UECwwGZGNsb3VkMScwJQYDVQQDDB5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wMS5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDYt6IO2VLbHUnF4tWOVa3rfuzCf+htuC4zdwHdm8DmbrbU7oz14q+Ta/zRFyavVvcgdPfnYPLIIpIJ9FuYCCUy/ArWxch073MI1oSe1Z3vF3+AXrbwiv+0fUXQBSYw6fqs4pBOLXw8IuU3rE7R0NjNGVF7clDjWVPKEpCgZxtP8xAgPmKtRJIsFeV9ek6JEbJxLLqwd49Nyu28xXH2lZl+BTmw9XXkGIe/DF+k3MjAPGOEc4bdgYy/g3VvX4u/GFtKo+jUp0AA6V76y1WUHIb9V3w2eIGxG7I/m9sW4qHgcVteFpB9YNgXjcDSBR8JhXZLaquxIwKSaK61H/VYA+C8NIaWhmb4hGeyOaCsjlKaEJnt6t5jIPPPK3/u9FGAo4x44ISfF7rb81hPAljis2ypyrKKdvemCgvrQ8AKQ8DL/tmScbCCk+ZWY0Q9IiWN5NDvEklH7LI0dczdMcxeCNicFybnXQKxKZQq4jgIDQY2AK6j1JtoPHqHMBzCOQEe9WcCAwEAAaOBkTCBjjCBiwYDVR0RBIGDMIGAgh5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wMi5jb22CHmRjbG91ZC1kY3YtaWRwLnN2cG9kLmRjLTAzLmNvbYIeZGNsb3VkLWRjdi1pZHAuc3Zwb2QuZGMtMDUuY29tgh5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wOC5jb20wDQYJKoZIhvcNAQELBQADggGBAIrtTlQ1zWPdmjCmicnJXs32khiKYiHkPrkcz9x469hKqvo7dAfHID0GHJlPSdVkkXRLWiyRO1jPGKHW+rljMAoPOeWpV3KkWkTwVSLna2FWRJRGmyyPmW/yds1kF5dgwdjSrdlOfbeFdItUFgbB/gilUXfdHxZo/T5bl+jJHy38xewmyq9jbnn4wySqpgU3WppJtu94JRwxIG2qAq1Mq/tJWsCfnSZ2sc6wsKrT9yiDDP2ybB1GqZaRtTcXM9jZzcFo78d5E9T+lZGTkgEYjXOuZ2/5Q0U1DxB1sn1srk2zUmgBAwDOJyDfm1MhdKSAtmG+90/HynC6WYquuQayfPAmRHynhyHBsZH7ooSGVsCMgou+c8P0s4vzWg0WDU2mPIPVCAPWZBjmPr4N+DxlRRk7KsMxA/hJqmgVQhxkipZyUT5oc2gGpTs3G08b9SGCewcLpiM70PAKK38Unhpbev0iCeYMw2UFl0heIEusFsyrU95liUqhH8xvGfWQDFtYOw==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dcloud-dcv-idp.svpod.dc-01.com/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dcloud-dcv-idp.svpod.dc-01.com/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Administrator</md:GivenName>
    <md:EmailAddress>dschuema@cisco.com</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>

In formato flat per SimpleSAMLphp - da utilizzare se dall'altra parte c'è un'entità che utilizza SimpleSAMLphp

$metadata['dcloud-dcv-idp.svpod.dc-01.com'] = array (
  'metadata-set' => 'saml20-idp-remote',
  'entityid' => 'dcloud-dcv-idp.svpod.dc-01.com',
  'SingleSignOnService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'https://dcloud-dcv-idp.svpod.dc-01.com/simplesaml/saml2/idp/SSOService.php',
    ),
  ),
  'SingleLogoutService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'https://dcloud-dcv-idp.svpod.dc-01.com/simplesaml/saml2/idp/SingleLogoutService.php',
    ),
  ),
  'certData' => 'MIIFJTCCA42gAwIBAgIJAKVQCYcLdydQMA0GCSqGSIb3DQEBCwUAMIGHMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2UxFjAUBgNVBAoMDUNpc2NvIFN5c3RlbXMxDzANBgNVBAsMBmRjbG91ZDEnMCUGA1UEAwweZGNsb3VkLWRjdi1pZHAuc3Zwb2QuZGMtMDEuY29tMB4XDTE5MTIwOTE1Mjk1NloXDTI5MTIwODE1Mjk1NlowgYcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEWMBQGA1UECgwNQ2lzY28gU3lzdGVtczEPMA0GA1UECwwGZGNsb3VkMScwJQYDVQQDDB5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wMS5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDYt6IO2VLbHUnF4tWOVa3rfuzCf+htuC4zdwHdm8DmbrbU7oz14q+Ta/zRFyavVvcgdPfnYPLIIpIJ9FuYCCUy/ArWxch073MI1oSe1Z3vF3+AXrbwiv+0fUXQBSYw6fqs4pBOLXw8IuU3rE7R0NjNGVF7clDjWVPKEpCgZxtP8xAgPmKtRJIsFeV9ek6JEbJxLLqwd49Nyu28xXH2lZl+BTmw9XXkGIe/DF+k3MjAPGOEc4bdgYy/g3VvX4u/GFtKo+jUp0AA6V76y1WUHIb9V3w2eIGxG7I/m9sW4qHgcVteFpB9YNgXjcDSBR8JhXZLaquxIwKSaK61H/VYA+C8NIaWhmb4hGeyOaCsjlKaEJnt6t5jIPPPK3/u9FGAo4x44ISfF7rb81hPAljis2ypyrKKdvemCgvrQ8AKQ8DL/tmScbCCk+ZWY0Q9IiWN5NDvEklH7LI0dczdMcxeCNicFybnXQKxKZQq4jgIDQY2AK6j1JtoPHqHMBzCOQEe9WcCAwEAAaOBkTCBjjCBiwYDVR0RBIGDMIGAgh5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wMi5jb22CHmRjbG91ZC1kY3YtaWRwLnN2cG9kLmRjLTAzLmNvbYIeZGNsb3VkLWRjdi1pZHAuc3Zwb2QuZGMtMDUuY29tgh5kY2xvdWQtZGN2LWlkcC5zdnBvZC5kYy0wOC5jb20wDQYJKoZIhvcNAQELBQADggGBAIrtTlQ1zWPdmjCmicnJXs32khiKYiHkPrkcz9x469hKqvo7dAfHID0GHJlPSdVkkXRLWiyRO1jPGKHW+rljMAoPOeWpV3KkWkTwVSLna2FWRJRGmyyPmW/yds1kF5dgwdjSrdlOfbeFdItUFgbB/gilUXfdHxZo/T5bl+jJHy38xewmyq9jbnn4wySqpgU3WppJtu94JRwxIG2qAq1Mq/tJWsCfnSZ2sc6wsKrT9yiDDP2ybB1GqZaRtTcXM9jZzcFo78d5E9T+lZGTkgEYjXOuZ2/5Q0U1DxB1sn1srk2zUmgBAwDOJyDfm1MhdKSAtmG+90/HynC6WYquuQayfPAmRHynhyHBsZH7ooSGVsCMgou+c8P0s4vzWg0WDU2mPIPVCAPWZBjmPr4N+DxlRRk7KsMxA/hJqmgVQhxkipZyUT5oc2gGpTs3G08b9SGCewcLpiM70PAKK38Unhpbev0iCeYMw2UFl0heIEusFsyrU95liUqhH8xvGfWQDFtYOw==',
  'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
  'contacts' => 
  array (
    0 => 
    array (
      'emailAddress' => 'dschuema@cisco.com',
      'contactType' => 'technical',
      'givenName' => 'Administrator',
    ),
  ),
);

Certificati

Scarica i certificati X509 come file PEM-encoded

idp.crt