[picketlink-commits] Picketlink SVN: r683 - in federation/trunk/picketlink-fed-core/src: main/java/org/picketlink/identity/federation/core/parsers/saml/metadata and 3 other directories.

picketlink-commits at lists.jboss.org picketlink-commits at lists.jboss.org
Mon Jan 31 11:55:43 EST 2011


Author: anil.saldhana at jboss.com
Date: 2011-01-31 11:55:42 -0500 (Mon, 31 Jan 2011)
New Revision: 683

Added:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java
   federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java
   federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/seam-entities.xml
Modified:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
Log:
additional metadata parsing

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java	2011-01-31 16:16:32 UTC (rev 682)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/SAMLParser.java	2011-01-31 16:55:42 UTC (rev 683)
@@ -29,6 +29,7 @@
 import org.picketlink.identity.federation.core.exceptions.ParsingException;
 import org.picketlink.identity.federation.core.parsers.AbstractParser;
 import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntitiesDescriptorParser;
 import org.picketlink.identity.federation.core.parsers.saml.metadata.SAMLEntityDescriptorParser;
 import org.picketlink.identity.federation.core.parsers.saml.xacml.SAMLXACMLRequestParser;
 import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
@@ -111,6 +112,11 @@
                SAMLEntityDescriptorParser entityDescriptorParser = new SAMLEntityDescriptorParser();
                return entityDescriptorParser.parse( xmlEventReader );
             }
+            else if( JBossSAMLConstants.ENTITIES_DESCRIPTOR.get().equals( localPart ))
+            {
+               SAMLEntitiesDescriptorParser entityDescriptorParser = new SAMLEntitiesDescriptorParser();
+               return entityDescriptorParser.parse( xmlEventReader );
+            }
             else if( JBossSAMLURIConstants.ASSERTION_NSURI.get().equals(nsURI) )
             {
                SAMLAssertionParser assertionParser = new SAMLAssertionParser(); 
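Review bot: The new `else if` for ENTITIES_DESCRIPTOR selects the metadata parser on the element's local name alone, so an `EntitiesDescriptor` element in any namespace is routed to SAMLEntitiesDescriptorParser. `nsURI` is already in scope (the following branch compares it with ASSERTION_NSURI), so the condition should also require the SAML metadata namespace, `urn:oasis:names:tc:SAML:2.0:metadata`, which is what the seam-entities.xml fixture declares. Metadata carries signing keys and endpoint locations, so this entry point is worth keeping strict. The local is named `entityDescriptorParser` although it holds a SAMLEntitiesDescriptorParser; `entitiesDescriptorParser` would read correctly. The enclosing method starts and ends outside the hunk.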

Added: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntitiesDescriptorParser.java	2011-01-31 16:55:42 UTC (rev 683)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.identity.federation.core.parsers.saml.metadata;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLEventReader;
+import javax.xml.stream.events.EndElement;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+
+import org.picketlink.identity.federation.core.exceptions.ParsingException;
+import org.picketlink.identity.federation.core.parsers.ParserNamespaceSupport;
+import org.picketlink.identity.federation.core.parsers.util.StaxParserUtil;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
+import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType;
+
+/**
+ * Parse the SAML Entities Descriptor
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 31, 2011
+ */
+public class SAMLEntitiesDescriptorParser implements ParserNamespaceSupport
+{ 
+   private String EDT = JBossSAMLConstants.ENTITIES_DESCRIPTOR.get();
+   
+   public Object parse( XMLEventReader xmlEventReader ) throws ParsingException
+   {
+      StartElement startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+      StaxParserUtil.validate(startElement, EDT );
+      
+      EntitiesDescriptorType entitiesDescriptorType = new EntitiesDescriptorType();
+      
+      //Get the Child Elements
+      while( xmlEventReader.hasNext() )
+      {
+         XMLEvent xmlEvent = StaxParserUtil.peek(xmlEventReader);
+         if( xmlEvent instanceof EndElement )
+         {
+            StaxParserUtil.validate( (EndElement)xmlEvent , EDT );
+            StaxParserUtil.getNextEndElement(xmlEventReader);
+            break;
+         }
+         startElement = (StartElement) xmlEvent; 
+         String localPart = startElement.getName().getLocalPart();
+         
+         if( JBossSAMLConstants.ENTITY_DESCRIPTOR.get().equals( localPart ))
+         { 
+            SAMLEntityDescriptorParser entityParser = new SAMLEntityDescriptorParser();
+            entitiesDescriptorType.addEntityDescriptor( entityParser.parse(xmlEventReader)); 
+         } 
+         else 
+            throw new RuntimeException( "Unknown " + localPart );
+      }
+      return entitiesDescriptorType;
+   }
+
+   public boolean supports( QName qname )
+   {
+      String nsURI = qname.getNamespaceURI();
+      String localPart = qname.getLocalPart();
+      
+      return nsURI.equals( JBossSAMLURIConstants.ASSERTION_NSURI.get() ) 
+           && localPart.equals( EDT ); 
+   }
+}
\ No newline at end of file
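Review bot: `supports()` compares the namespace with `JBossSAMLURIConstants.ASSERTION_NSURI`, but the element this parser handles lives in the metadata namespace (`urn:oasis:names:tc:SAML:2.0:metadata` in the seam-entities.xml fixture), so it will presumably return false for every real EntitiesDescriptor; it should compare against the metadata namespace URI instead. In `parse()`, the `else` branch throws a bare `RuntimeException` for any child other than EntityDescriptor, which bypasses callers that handle the declared `ParsingException` and also rejects a nested EntitiesDescriptor, Extensions or ds:Signature child, all of which the SAML metadata schema permits; `throw new ParsingException( "Unknown " + localPart );` (assuming that constructor exists) keeps the failure on the declared path. The cast `(StartElement) xmlEvent` is unchecked, so unless `StaxParserUtil.peek` skips whitespace and comments it can fail with a ClassCastException on ordinary input. `EDT` is a constant and could be declared `private static final String`.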

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java	2011-01-31 16:16:32 UTC (rev 682)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/parsers/saml/metadata/SAMLEntityDescriptorParser.java	2011-01-31 16:55:42 UTC (rev 683)
@@ -46,6 +46,7 @@
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.IDPSSODescriptorType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.IndexedEndpointType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.KeyDescriptorType;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.KeyTypes;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.LocalizedNameType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.LocalizedURIType;
 import org.picketlink.identity.federation.newmodel.saml.v2.metadata.OrganizationType;
@@ -173,6 +174,16 @@
             
             idpSSODescriptor.addArtifactResolutionService(endpoint);
          }
+         else if( JBossSAMLConstants.ASSERTION_ID_REQUEST_SERVICE.get().equals( localPart ))
+         { 
+            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+            EndpointType endpoint = getEndpointType(startElement); 
+            
+            EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+            StaxParserUtil.validate( endElement, JBossSAMLConstants.ASSERTION_ID_REQUEST_SERVICE.get() );
+            
+            idpSSODescriptor.addAssertionIDRequestService( endpoint );
+         }
          else if( JBossSAMLConstants.SINGLE_LOGOUT_SERVICE.get().equals( localPart ))
          { 
             startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
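Review bot: The AssertionIDRequestService branch added here repeats, statement for statement, the read-start / `getEndpointType` / read-end / validate sequence, and the ManageNameIDService and NameIDMappingService branches in the next hunk repeat it again; a small private helper taking the element name would reduce each branch to one call and keep the end-tag validation in one place. Each branch would then read e.g. `idpSSODescriptor.addAssertionIDRequestService( parseEndpoint( xmlEventReader, JBossSAMLConstants.ASSERTION_ID_REQUEST_SERVICE.get() ) );`. The sketch below assumes `getEndpointType` is callable from a helper in the same class and that the enclosing method, which starts and ends outside the hunk, declares ParsingException.

```java
private EndpointType parseEndpoint( XMLEventReader xmlEventReader, String elementName ) throws ParsingException
{
   StartElement startElement = StaxParserUtil.getNextStartElement( xmlEventReader );
   EndpointType endpoint = getEndpointType( startElement );

   // The end tag must match the element that was opened
   EndElement endElement = StaxParserUtil.getNextEndElement( xmlEventReader );
   StaxParserUtil.validate( endElement, elementName );
   return endpoint;
}
```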
@@ -193,6 +204,26 @@
             
             idpSSODescriptor.addSingleSignOnService( endpoint );
          }
+         else if( JBossSAMLConstants.MANAGE_NAMEID_SERVICE.get().equals( localPart ))
+         { 
+            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+            EndpointType endpoint = getEndpointType(startElement); 
+            
+            EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+            StaxParserUtil.validate( endElement, JBossSAMLConstants.MANAGE_NAMEID_SERVICE.get() );
+            
+            idpSSODescriptor.addManageNameIDService( endpoint );
+         }
+         else if( JBossSAMLConstants.NAMEID_MAPPING_SERVICE.get().equals( localPart ))
+         { 
+            startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
+            EndpointType endpoint = getEndpointType(startElement); 
+            
+            EndElement endElement = StaxParserUtil.getNextEndElement(xmlEventReader);
+            StaxParserUtil.validate( endElement, JBossSAMLConstants.NAMEID_MAPPING_SERVICE.get() );
+            
+            idpSSODescriptor.addNameIDMappingService( endpoint );
+         }
          else if (JBossSAMLConstants.NAMEID_FORMAT.get().equalsIgnoreCase( localPart ))
          {
             startElement = StaxParserUtil.getNextStartElement(xmlEventReader);
@@ -203,7 +234,16 @@
             AttributeType attribute = SAMLParserUtil.parseAttribute(xmlEventReader);
             idpSSODescriptor.addAttribute(attribute);  
          }
-         else 
+         else if (JBossSAMLConstants.KEY_DESCRIPTOR.get().equalsIgnoreCase( localPart ))
+         {
+            KeyDescriptorType keyDescriptor = new KeyDescriptorType();
+            String use = StaxParserUtil.getAttributeValue(startElement, "use" );
+            keyDescriptor.setUse( KeyTypes.fromValue(use) );
+            
+            Element key = StaxParserUtil.getDOMElement(xmlEventReader);
+            keyDescriptor.setKeyInfo(key);  
+         }
+         else
             throw new RuntimeException( "Unknown " + localPart ); 
       }
       return idpSSODescriptor;
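Review bot: The new KEY_DESCRIPTOR branch builds `keyDescriptor` and then lets it go out of scope: nothing adds it to `idpSSODescriptor`, so the signing and encryption keys in the metadata are parsed and discarded. The branch should end by attaching it, e.g. `idpSSODescriptor.addKeyDescriptor( keyDescriptor );` (method name assumed; use whatever adder the model type exposes). `use` is optional on KeyDescriptor in the SAML metadata schema, so `KeyTypes.fromValue(use)` should be guarded with `if( use != null )` unless fromValue is known to accept null. Unlike the endpoint branches, this one never consumes the KeyDescriptor start tag before calling `getDOMElement`, so it looks as though `key` receives the whole KeyDescriptor element rather than its ds:KeyInfo child; that is worth confirming. The enclosing method starts outside the hunk.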

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java	2011-01-31 16:16:32 UTC (rev 682)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/constants/JBossSAMLConstants.java	2011-01-31 16:55:42 UTC (rev 683)
@@ -33,6 +33,7 @@
    ARTIFACT_RESOLUTION_SERVICE( "ArtifactResolutionService" ),
    ASSERTION( "Assertion" ),
    ASSERTION_CONSUMER_SERVICE_URL( "AssertionConsumerServiceURL" ),
+   ASSERTION_ID_REQUEST_SERVICE( "AssertionIDRequestService" ),
    ATTRIBUTE( "Attribute" ),
    ATTRIBUTE_AUTHORITY_DESCRIPTOR( "AttributeAuthorityDescriptor" ),
    ATTRIBUTE_SERVICE( "AttributeService" ),
@@ -56,6 +57,7 @@
    ENCRYPTED_ASSERTION( "EncryptedAssertion" ),
    ENTITY_ID( "entityID" ),
    ENTITY_DESCRIPTOR( "EntityDescriptor" ),
+   ENTITIES_DESCRIPTOR( "EntitiesDescriptor" ),
    FORMAT( "Format" ),
    FRIENDLY_NAME( "FriendlyName" ),
    ID( "ID" ),
@@ -73,12 +75,14 @@
    LOCATION( "Location" ),
    LOGOUT_REQUEST( "LogoutRequest" ),
    LOGOUT_RESPONSE( "LogoutResponse" ),
+   MANAGE_NAMEID_SERVICE( "ManageNameIDService" ),
    METADATA_MIME("application/samlmetadata+xml"),
    METHOD( "Method" ),
    NAME( "Name" ),
    NAME_FORMAT( "NameFormat" ),
    NAMEID( "NameID" ),
    NAMEID_FORMAT( "NameIDFormat" ),
+   NAMEID_MAPPING_SERVICE( "NameIDMappingService" ),
    NAMEID_POLICY( "NameIDPolicy" ),
    NAME_QUALIFIER( "NameQualifier" ),
    NOT_BEFORE( "NotBefore" ),

Added: federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/java/org/picketlink/test/identity/federation/core/saml/v2/metadata/SAMLMetadataParsingUnitTestCase.java	2011-01-31 16:55:42 UTC (rev 683)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors. 
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.test.identity.federation.core.saml.v2.metadata;
+
+import static org.junit.Assert.assertNotNull;
+
+import java.io.InputStream;
+
+import junit.framework.Assert;
+
+import org.junit.Test;
+import org.picketlink.identity.federation.core.parsers.saml.SAMLParser;
+import org.picketlink.identity.federation.newmodel.saml.v2.metadata.EntitiesDescriptorType;
+
+/**
+ * Unit test the SAML metadata parsing
+ * @author Anil.Saldhana at redhat.com
+ * @since Jan 31, 2011
+ */
+public class SAMLMetadataParsingUnitTestCase
+{
+   @Test
+   public void testEntitiesDescriptor() throws Exception
+   {
+      ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+      InputStream is = 
+         tcl.getResourceAsStream("saml2/metadata/seam-entities.xml");
+      assertNotNull("Inputstream not null", is); 
+      
+      SAMLParser parser = new SAMLParser();
+      EntitiesDescriptorType entities = (EntitiesDescriptorType) parser.parse(is);
+      Assert.assertNotNull(entities); 
+      Assert.assertEquals( 2, entities.getEntityDescriptor().size() );
+   }
+}
\ No newline at end of file
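Review bot: The only assertion on parsed content in `testEntitiesDescriptor` is the entity count, so the test still passes if the KeyDescriptor and endpoint elements in seam-entities.xml are parsed and then dropped. It should also assert on the contents of at least one entity's IDPSSODescriptor (key descriptors, endpoint lists) through whatever getters the model exposes. The file mixes the static `org.junit.Assert.assertNotNull` with the JUnit 3 `junit.framework.Assert`; `import org.junit.Assert;` would keep it on one API. The InputStream `is` is never closed; a `try`/`finally` calling `is.close()` around the parse would fix that.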

Added: federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/seam-entities.xml
===================================================================
--- federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/seam-entities.xml	                        (rev 0)
+++ federation/trunk/picketlink-fed-core/src/test/resources/saml2/metadata/seam-entities.xml	2011-01-31 16:55:42 UTC (rev 683)
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd">
+	<EntityDescriptor entityID="http://localhost:8888/opensso">
+		<IDPSSODescriptor WantAuthnRequestsSigned="false"
+			protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+			<KeyDescriptor use="signing">
+				<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+					<ds:X509Data>
+						<ds:X509Certificate>
+							MIICQDCCAakCBEeNB0swDQYJKoZIhvcNAQEEBQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
+							bGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMQwwCgYDVQQKEwNTdW4xEDAOBgNVBAsTB09w
+							ZW5TU08xDTALBgNVBAMTBHRlc3QwHhcNMDgwMTE1MTkxOTM5WhcNMTgwMTEyMTkxOTM5WjBnMQsw
+							CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExDDAK
+							BgNVBAoTA1N1bjEQMA4GA1UECxMHT3BlblNTTzENMAsGA1UEAxMEdGVzdDCBnzANBgkqhkiG9w0B
+							AQEFAAOBjQAwgYkCgYEArSQc/U75GB2AtKhbGS5piiLkmJzqEsp64rDxbMJ+xDrye0EN/q1U5Of+
+							RkDsaN/igkAvV1cuXEgTL6RlafFPcUX7QxDhZBhsYF9pbwtMzi4A4su9hnxIhURebGEmxKW9qJNY
+							Js0Vo5+IgjxuEWnjnnVgHTs1+mq5QYTA7E6ZyL8CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB3Pw/U
+							QzPKTPTYi9upbFXlrAKMwtFf2OW4yvGWWvlcwcNSZJmTJ8ARvVYOMEVNbsT4OFcfu2/PeYoAdiDA
+							cGy/F2Zuj8XJJpuQRSE6PtQqBuDEHjjmOQJ0rV/r8mO1ZCtHRhpZ5zYRjhRC9eCbjx9VrFax0JDC
+							/FfwWigmrW0Y0Q==</ds:X509Certificate>
+					</ds:X509Data>
+				</ds:KeyInfo>
+			</KeyDescriptor>
+			<ArtifactResolutionService index="0"
+				isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="http://localhost:8888/opensso/ArtifactResolver/metaAlias/idp" />
+			<SingleLogoutService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+				Location="http://localhost:8888/opensso/IDPSloRedirect/metaAlias/idp"
+				ResponseLocation="http://localhost:8888/opensso/IDPSloRedirect/metaAlias/idp" />
+			<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+				Location="http://localhost:8888/opensso/IDPSloPOST/metaAlias/idp"
+				ResponseLocation="http://localhost:8888/opensso/IDPSloPOST/metaAlias/idp" />
+			<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="http://localhost:8888/opensso/IDPSloSoap/metaAlias/idp" />
+			<ManageNameIDService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+				Location="http://localhost:8888/opensso/IDPMniRedirect/metaAlias/idp"
+				ResponseLocation="http://localhost:8888/opensso/IDPMniRedirect/metaAlias/idp" />
+			<ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+				Location="http://localhost:8888/opensso/IDPMniPOST/metaAlias/idp"
+				ResponseLocation="http://localhost:8888/opensso/IDPMniPOST/metaAlias/idp" />
+			<ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="http://localhost:8888/opensso/IDPMniSoap/metaAlias/idp" />
+			<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
+			<NameIDFormat>
+				urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
+			<NameIDFormat>
+				urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</NameIDFormat>
+			<SingleSignOnService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+				Location="http://localhost:8888/opensso/SSORedirect/metaAlias/idp" />
+			<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+				Location="http://localhost:8888/opensso/SSOPOST/metaAlias/idp" />
+			<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="http://localhost:8888/opensso/SSOSoap/metaAlias/idp" />
+			<NameIDMappingService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="http://localhost:8888/opensso/NIMSoap/metaAlias/idp" />
+			<AssertionIDRequestService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="http://localhost:8888/opensso/AIDReqSoap/IDPRole/metaAlias/idp" />
+			<AssertionIDRequestService Binding="urn:oasis:names:tc:SAML:2.0:bindings:URI"
+				Location="http://localhost:8888/opensso/AIDReqUri/IDPRole/metaAlias/idp" />
+		</IDPSSODescriptor>
+	</EntityDescriptor>
+	<EntityDescriptor entityID="http://idp.ssocircle.com"
+		xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+		<IDPSSODescriptor WantAuthnRequestsSigned="false"
+			protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+			<KeyDescriptor use="signing">
+				<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+					<ds:X509Data>
+						<ds:X509Certificate>
+							MIIB8TCCAVqgAwIBAgIFAIxwZnIwDQYJKoZIhvcNAQEEBQAwLjELMAkGA1UEBhMCREUxEjAQBgNV
+							BAoTCVNTT0NpcmNsZTELMAkGA1UEAxMCQ0EwHhcNMDkwMjIyMTUwNDI0WhcNMTEwNTIyMTUwNDI0
+							WjBLMQswCQYDVQQGEwJERTESMBAGA1UEChMJU1NPQ2lyY2xlMQwwCgYDVQQLEwNpZHAxGjAYBgNV
+							BAMTEWlkcC5zc29jaXJjbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbzDRkudC/
+							aC2gMqRVVaLdPJJEwpFB4o71fR5bnNd2ocnnNzJ/W9CoCargzKx+EJ4Nm3vWmX/IZRCFvrvy9C78
+							fP1cmt6Sa091K9luaMAyWn7oC8h/YBXH7rB42tdvWLY4Kl9VJy6UCclvasyrfKx+SR4KU6zCsM62
+							2Kvp5wW67QIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAGyaydfJHDkm77C39gq9bBb7OqK8OXEUTbIM
+							p8PDJZzIf9QkpkE7gHGcWctRKi7fNdONulc5kn2K2nbvCGrbWsWQvr/DA0bjkBrK8OeWpRhLe7fl
+							+JUgsErMcDIzRTmjNpZzUZp+WESRHV1j3SIcfY4tJM2uMt4Sc/afVnl5P6wL</ds:X509Certificate>
+					</ds:X509Data>
+				</ds:KeyInfo>
+
+			</KeyDescriptor>
+			<KeyDescriptor use="encryption">
+				<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+					<ds:X509Data>
+						<ds:X509Certificate>
+							MIIB8TCCAVqgAwIBAgIFAIxwZnIwDQYJKoZIhvcNAQEEBQAwLjELMAkGA1UEBhMCREUxEjAQBgNV
+							BAoTCVNTT0NpcmNsZTELMAkGA1UEAxMCQ0EwHhcNMDkwMjIyMTUwNDI0WhcNMTEwNTIyMTUwNDI0
+							WjBLMQswCQYDVQQGEwJERTESMBAGA1UEChMJU1NPQ2lyY2xlMQwwCgYDVQQLEwNpZHAxGjAYBgNV
+							BAMTEWlkcC5zc29jaXJjbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbzDRkudC/
+							aC2gMqRVVaLdPJJEwpFB4o71fR5bnNd2ocnnNzJ/W9CoCargzKx+EJ4Nm3vWmX/IZRCFvrvy9C78
+							fP1cmt6Sa091K9luaMAyWn7oC8h/YBXH7rB42tdvWLY4Kl9VJy6UCclvasyrfKx+SR4KU6zCsM62
+							2Kvp5wW67QIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAGyaydfJHDkm77C39gq9bBb7OqK8OXEUTbIM
+							p8PDJZzIf9QkpkE7gHGcWctRKi7fNdONulc5kn2K2nbvCGrbWsWQvr/DA0bjkBrK8OeWpRhLe7fl
+							+JUgsErMcDIzRTmjNpZzUZp+WESRHV1j3SIcfY4tJM2uMt4Sc/afVnl5P6wL</ds:X509Certificate>
+					</ds:X509Data>
+				</ds:KeyInfo>
+				<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc">
+
+					<xenc:KeySize xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">128</xenc:KeySize>
+				</EncryptionMethod>
+			</KeyDescriptor>
+			<ArtifactResolutionService index="0"
+				isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="https://idp.ssocircle.com:443/sso/ArtifactResolver/metaAlias/ssocircle" />
+			<SingleLogoutService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+				Location="https://idp.ssocircle.com:443/sso/IDPSloRedirect/metaAlias/ssocircle"
+				ResponseLocation="https://idp.ssocircle.com:443/sso/IDPSloRedirect/metaAlias/ssocircle" />
+				<!-- 
+			<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+				Location="https://idp.ssocircle.com:443/sso/IDPSloPost/metaAlias/ssocircle"
+				ResponseLocation="https://idp.ssocircle.com:443/sso/IDPSloPost/metaAlias/ssocircle" />
+			<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="https://idp.ssocircle.com:443/sso/IDPSloSoap/metaAlias/ssocircle" />
+				 -->
+			<ManageNameIDService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+				Location="https://idp.ssocircle.com:443/sso/IDPMniRedirect/metaAlias/ssocircle"
+				ResponseLocation="https://idp.ssocircle.com:443/sso/IDPMniRedirect/metaAlias/ssocircle" />
+			<ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+				Location="https://idp.ssocircle.com:443/sso/IDPMniPOSTmetaAlias/ssocircle"
+				ResponseLocation="https://idp.ssocircle.com:443/sso/IDPMniPOST/metaAlias/ssocircle" />
+
+			<ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="https://idp.ssocircle.com:443/sso/IDPMniSoap/metaAlias/ssocircle" />
+			<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
+			<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+			<SingleSignOnService
+				Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+				Location="https://idp.ssocircle.com:443/sso/SSORedirect/metaAlias/ssocircle" />
+			<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+				Location="https://idp.ssocircle.com:443/sso/SSOPOST/metaAlias/ssocircle" />
+
+			<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="https://idp.ssocircle.com:443/sso/SSOSoap/metaAlias/ssocircle" />
+			<NameIDMappingService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+				Location="https://idp.ssocircle.com:443/sso/NIMSoap/metaAlias/ssocircle" />
+		</IDPSSODescriptor>
+	</EntityDescriptor>
+
+</EntitiesDescriptor>
\ No newline at end of file


