[keycloak-user] Import External IDP Config

Henk Laracker Henk.Laracker at planonsoftware.com
Fri Jun 12 02:37:55 EDT 2015


Hi,

This is the metadata file which give a feedback that everything is ok, but nothing is read:

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" ID="_17f4835f-df3b-41eb-bf98-4321cdab2bf6" entityID="http://bla.com/trust">
   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
         <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
         <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
         <ds:Reference URI="#_17f4835f-df3b-41eb-bf98-4321cdab2bf6">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
            <ds:DigestValue>mErB5PiBx2+KMZYu8prJSZxSy6o4FeJc/OZUuckhie0=</ds:DigestValue>
         </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>iUfHqj48oYZA+sy+mogIJG3ooSl4l/XBE1NCnnSYzqxHgftNXqLBMcgldnIIiDwwGXyKAHN5d7aFk3FbURwQ1/1V4LlaUrh8Ppm82/DXTJDLrLyyj1zk/5FBsSRW8gW3roB0+LCAE+xzr4qKWiCtVroIPwTP1wyGwdpfiF+RUd9EnRdPmRDb3hYV3/77tXBfsbDv0bz5EPzbAmsXaufndjpnuDluz5kddJyjdjX/77MCpTdBR2oLWx6/lxH2ZGEJf/MtyMB58TnmPLFQ5sHW9S2KkO3ODGbpy1+rw5/sYe5TFYYWGhIu7+uHGuhl94k4x/i1N1ch9Zs02Ou1V6CmOg==</ds:SignatureValue>
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
         <X509Data>
            <X509Certificate>MIIC5jCCAc6gAwIBAgIQXn1r5kqQao9JlOksbxZDXjANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDM0WhcNMTYwMTIzMjIwNDM0WjAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wggEiLA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDilI+XZfNZ/b2pQWeqDLVyXEIn+6BL3KcAv/R0tRtC2mlnQFpf3uHxF8sd3kdHcexB/ugihNvVdZJExlnkKCoL8kvNFGeDc0T9vOItd2A/Hm1WCRtqc+cZ/z9uPwqZxnRTjEfCn+X/mbCrG4VQbeMsGy/UKib5WUUuXpnjOaaZmfIoTMeJ0vMj9GBZUGBJu56bbiWOK/mYsXy8Xb2uNf7uXvFmWcAIriZMhHgML6KhDHeqhu3QAwrXEbp4co5+FSNaaelUHhrDxz/0yc9Lxmuf+OnKJu/CYcdAQPzaFvn33ceJE/yJDe2lYFocSx0930lM5Q/SWMMGT+OvQZVsDaLTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKe6zgWy6jIOFCCyTtA/9NFaJP54GnSOhRpbApK+PvPDUBjRUj5hpWMKg9O964HofAorO5KZOsiPMfKI5dAfLzAgts0n0ji41UMGbnpTKJ3N9pWTsTG1s+sTOA63mmIRms+So/y/JsA3YWa+Apx9EvB/GkOrT9vRIbCz31bMAY9ohwMyhfYv7i5qLjWYnbF19ioLHvO527nfr8XcsSNYJLkHt3VMWX2Q1OfjgWN/XFkBY/Moj0J/PUkXDii928RAfylLD3JZdeuhw5kQBOvWFh8BiVQpvaETZcGeUzit6O1072kDfq+UGOMSUB9DOQde2/4nExr6Qr6XW9vp3JetmPU=</X509Certificate>
         </X509Data>
      </KeyInfo>
   </ds:Signature>
   <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="bla.com">
      <KeyDescriptor use="encryption">
         <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <X509Data>
               <X509Certificate>MIIC7DCCAdSgAwIBAgIQdtaCBGq5JZlHSOqPMWkKjjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIEVuY3J5cHRpb24gLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDI2WhcNMTYwMTIzMjIwNDI2WjAyMTAwLgYDVQQDEydBREZTIEVuY3J5cHRpb24gLSBhZGZzLmSpcmVjdGVuZXJneS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKq1rfU0BsBW8cEPxpla6sWZhEA7AvTPFiNUJ8B1Ih3O01A6dq7mGycTHdxG+m3ZIUcCmihExjxrGRT4pd9f78uJCCHxm+gBfq8gHgA2gml/jtxeRRc4h8cl3qgBdTdpyEN6dFLbGYRgNo1JIDSJzSrNbmNggoKpzuWLMBjJ2AHfnG6hAzJWtvM2phf88WbWoxYAQmm1Fq3Usy6WgYFg+Iz1Z4XEgAB35bG4nmqROU4U3djmR4DxZup4zbKi422t32tFy8MU/VEshiREKB22BcxNHTXi1YHXNtCQixMcOvK21w/Ha1o8AypZ9yBBj3cfwTJ9NLO4Xf9+Mf9FeA6BgZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKJHmw9MjdjXYf9q4Szo76xDfZC1jV+MXPizPEKzujjF5V90u6WWWbmR4ye9zT6nuMfFP7fNbm46A9yhuUiqeXpLQP80rC7d5XJeEhIhogLRH6xJXKOF5XVbN0RGi7ARTHsEzjyuZWs2N2ibPU55gLTlGTr/aW7jbs5UWEXG2ymM4SmiAUQbG8bRXNI6bQYe7Db2XEZ4H2D8TUMcHn0LtTF+dhpQTOep9Yf8/6Qdci/6FptSfi4nNPPKzvGfBu9uVaeCl/aGI3LA8QYIPbdIfUoJge5ym04j9sUVW7fkyWY8WkmQPZHntjeTYkBH4nLUH/OkLCa1KC6a3K67cp3j6AE=</X509Certificate>
            </X509Data>
         </KeyInfo>
      </KeyDescriptor>
      <fed:ClaimTypesRequested>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
            <auth:DisplayName>E-Mail Address</auth:DisplayName>
            <auth:Description>The e-mail address of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
            <auth:DisplayName>Given Name</auth:DisplayName>
            <auth:Description>The given name of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
            <auth:DisplayName>Name</auth:DisplayName>
            <auth:Description>The unique name of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
            <auth:DisplayName>UPN</auth:DisplayName>
            <auth:Description>The user principal name (UPN) of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
            <auth:DisplayName>Common Name</auth:DisplayName>
            <auth:Description>The common name of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
            <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
            <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
            <auth:DisplayName>Group</auth:DisplayName>
            <auth:Description>A group that the user is a member of</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
            <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
            <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
            <auth:DisplayName>Role</auth:DisplayName>
            <auth:Description>A role that the user has</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
            <auth:DisplayName>Surname</auth:DisplayName>
            <auth:Description>The surname of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
            <auth:DisplayName>PPID</auth:DisplayName>
            <auth:Description>The private identifier of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
            <auth:DisplayName>Name ID</auth:DisplayName>
            <auth:Description>The SAML name identifier of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
            <auth:DisplayName>Authentication time stamp</auth:DisplayName>
            <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
            <auth:DisplayName>Authentication method</auth:DisplayName>
            <auth:Description>The method used to authenticate the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
            <auth:DisplayName>Deny only group SID</auth:DisplayName>
            <auth:Description>The deny-only group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
            <auth:DisplayName>Deny only primary SID</auth:DisplayName>
            <auth:Description>The deny-only primary SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
            <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
            <auth:Description>The deny-only primary group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
            <auth:DisplayName>Group SID</auth:DisplayName>
            <auth:Description>The group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
            <auth:DisplayName>Primary group SID</auth:DisplayName>
            <auth:Description>The primary group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
            <auth:DisplayName>Primary SID</auth:DisplayName>
            <auth:Description>The primary SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
            <auth:DisplayName>Windows account name</auth:DisplayName>
            <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
         </auth:ClaimType>
      </fed:ClaimTypesRequested>
      <fed:TargetScopes>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
         </EndpointReference>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
         </EndpointReference>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
         </EndpointReference>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
         </EndpointReference>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/ls/</Address>
         </EndpointReference>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>http://bla.com/adfs/services/trust</Address>
         </EndpointReference>
      </fed:TargetScopes>
      <fed:ApplicationServiceEndpoint>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
         </EndpointReference>
      </fed:ApplicationServiceEndpoint>
      <fed:PassiveRequestorEndpoint>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/ls/</Address>
         </EndpointReference>
      </fed:PassiveRequestorEndpoint>
   </RoleDescriptor>
   <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="bla.com">
      <KeyDescriptor use="signing">
         <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <X509Data>
               <X509Certificate>MIIC5jCCAc6gAwIBAgIQXn1r5kqQao9JlOksbxZDXjANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDM0WhcNMTYwMTIzMjIwNDM0WjAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDilI+XZfNZ/b2pQWeqDLVyXEIn+6BL3KcAv/R0tRtC2mlnQFpf3uHxF8sd3kdHcexB/ugihNvVdZJExlnkKCoL8kvNFGeDc0T9vOItd2A/Hm1WCRtqc+cZ/z9uPwqZxnRTjEfCn+X/mbCrG4VQbeMsGy/UKib5WUUuXpnjOaaZmfIoTMeJ0vLj9GBZUGBJu56bbiWOK/mYsXy8Xb2uNf7uXvFmWcAIriZMhHgML6KhDHeqhu3QAwrXEbp4co5+FSNaaelUHhrDxz/0yc9Lxmuf+OnKJu/CYcdAQPzaFvn33ceJE/yJDe2lYFocSx0930lM5Q/SWMMGT+OvQZVsDaLTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKe6zgWy6jIOFCCyTtA/9NFaJP54GnSOhRpbApK+PvPDUBjRUj5hpWMKg9O964HofAorO5VZOsiPMfKI5dAfLzAgts0n0ji41UMGbnpTKJ3N9pWTsTG1s+sTOA63mmIRms+So/y/JsA3YWa+Apx9EvB/GkOrT9vRIbCz31bMAY6ohwMyhfYv7i5qLjWYnbF19ioLHvO527nfr8XcsSNYJLkHt3VMWX2Q1OfjgWN/XFkBY/Moj0J/PUkXDii928RAfylLD3JZdeuhw5kQBOvWFh8BiVQpvaETZcGeUzit6O1072kDfq+UGOMSUB9DOQde2/4nExr6Qr6XW9vp3JetmPU=</X509Certificate>
            </X509Data>
         </KeyInfo>
      </KeyDescriptor>
      <fed:TokenTypesOffered>
         <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion" />
         <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion" />
      </fed:TokenTypesOffered>
      <fed:ClaimTypesOffered>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
            <auth:DisplayName>E-Mail Address</auth:DisplayName>
            <auth:Description>The e-mail address of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
            <auth:DisplayName>Given Name</auth:DisplayName>
            <auth:Description>The given name of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
            <auth:DisplayName>Name</auth:DisplayName>
            <auth:Description>The unique name of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
            <auth:DisplayName>UPN</auth:DisplayName>
            <auth:Description>The user principal name (UPN) of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
            <auth:DisplayName>Common Name</auth:DisplayName>
            <auth:Description>The common name of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
            <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
            <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
            <auth:DisplayName>Group</auth:DisplayName>
            <auth:Description>A group that the user is a member of</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
            <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
            <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
            <auth:DisplayName>Role</auth:DisplayName>
            <auth:Description>A role that the user has</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
            <auth:DisplayName>Surname</auth:DisplayName>
            <auth:Description>The surname of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
            <auth:DisplayName>PPID</auth:DisplayName>
            <auth:Description>The private identifier of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
            <auth:DisplayName>Name ID</auth:DisplayName>
            <auth:Description>The SAML name identifier of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
            <auth:DisplayName>Authentication time stamp</auth:DisplayName>
            <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
            <auth:DisplayName>Authentication method</auth:DisplayName>
            <auth:Description>The method used to authenticate the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
            <auth:DisplayName>Deny only group SID</auth:DisplayName>
            <auth:Description>The deny-only group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
            <auth:DisplayName>Deny only primary SID</auth:DisplayName>
            <auth:Description>The deny-only primary SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
            <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
            <auth:Description>The deny-only primary group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
            <auth:DisplayName>Group SID</auth:DisplayName>
            <auth:Description>The group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
            <auth:DisplayName>Primary group SID</auth:DisplayName>
            <auth:Description>The primary group SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
            <auth:DisplayName>Primary SID</auth:DisplayName>
            <auth:Description>The primary SID of the user</auth:Description>
         </auth:ClaimType>
         <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
            <auth:DisplayName>Windows account name</auth:DisplayName>
            <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
         </auth:ClaimType>
      </fed:ClaimTypesOffered>
      <fed:SecurityTokenServiceEndpoint>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/services/trust/2005/certificatemixed</Address>
            <Metadata>
               <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
                  <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
                     <wsx:MetadataReference>
                        <Address xmlns="http://www.w3.org/2005/08/addressing">https://bla.com/adfs/services/trust/mex</Address>
                     </wsx:MetadataReference>
                  </wsx:MetadataSection>
               </Metadata>
            </Metadata>
         </EndpointReference>
      </fed:SecurityTokenServiceEndpoint>
      <fed:PassiveRequestorEndpoint>
         <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
            <Address>https://bla.com/adfs/ls/</Address>
         </EndpointReference>
      </fed:PassiveRequestorEndpoint>
   </RoleDescriptor>
   <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <KeyDescriptor use="encryption">
         <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <X509Data>
               <X509Certificate>MIIC7DCCAdSgAwIBAgIQdtaCBGq5JZlHSOqPMWkKjjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIEVuY3J5cHRpb24gLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDI2WhcNMTYwMTIzMjIwNDI2WjAyMTAwLgYDVQQDEydBREZTIEVuY3J5cHRpb24gLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKq1rfU0BsBW8cEPxpla6sWZhEA7AvTPFiNUJ8B1Ii3O01A6dq7mGycTHdxG+m3ZIUcCmihExjxrGRT4pd9f78uJCCHxm+gBfq8gHgA2gml/jtxeRRc4h8cl3qgBdTdpyEN6dFLbGYRgNo1JIDSJzSrNbmNggoKpzuWLMBjJ2AHfnG6hAzJWtvM2phf88WbWoxYAQmm1Fq3Usy6WgYFg+Iz1Z4XEgAB35bG4nmqROU4U3djmR4DxZup4zbKi422t32tFy8MU/VEshiREKB22BcxNHTXi1YHXNtCQixMcOvK21w/Ha1o8AypZ8yBBj3cfwTJ9NLO4Xf9+Mf9FeA6BgZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKJHmw9MjdjXYf9q4Szo76xDfZC1jV+MXPizPEKzujjF5V90u6WWWbmR4ye9zT6nuMfFP7fNbm46A9yhuUiqeXpLQP80rC7d5XJeEhIhogLRH6xJXKOF5XVbN0RGi7ARTHsFzjyuZWs2N2ibPU55gLTlGTr/aW7jbs5UWEXG2ymM4SmiAUQbG8bRXNI6bQYe7Db2XEZ4H2D8TUMcHn0LtTF+dhpQTOep9Yf8/6Qdci/6FptSfi4nNPPKzvGfBu9uVaeCl/aGI3LA8QYIPbdIfUoJge5ym04j9sUVW7fkyWY8WkmQPZHntjeTYkBH4nLUH/OkLCa1KC6a3K67cp3j6AE=</X509Certificate>
            </X509Data>
         </KeyInfo>
      </KeyDescriptor>
      <KeyDescriptor use="signing">
         <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <X509Data>
               <X509Certificate>MIIC5jCCAc6gAwIBAgIQXn1r5kqQao9JlOksbxZDXjANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDM0WhcNMTYwMTIzMjIwNDM0WjAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuYXJneS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDilI+XZfNZ/b2pQWeqDLVyXEIn+6BL3KcAv/R0tRtC2mlnQFpf3uHxF8sd3kdHcexB/ugihNvVdZJExlnkKCoL8kvNFGeDc0T9vOItd2A/Hm1WCRtqc+cZ/z9uPwqZxnRTjEfCn+X/mbCrG4VQbeMsGy/UKib5WUUuXpnjOaaZmfIoTMeJ0vMj9GBZUGBJu56bbiWOK/mYsXy8Xb2uNf7uXvFmWcAIriZMhHgML6KhDHeqhu3QAwrXEbp4co5+FSNaaelUHhrDxz/0yc9Lxmuf+OnKJu/CYcdAQPzaFvn33ceJE/yJDe2lYFocSx0930lM5Q/SWMMGT+OvQZVsDaLTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKe6zgWy6jIOFCCyTtA/9NFaJP54GnSOhRpbApK+PvPDUBjRUj5hpVMKg9O964HofAorO5VZOsiPMfKI5dAfLzAgts0n0ji41UMGbnpTKJ3N9pWTsTG1s+sTOA63mmIRms+So/y/JsA3YWa+Apx9EvB/GkOrT9vRIbCz31bMAY9ohwMyhfYv7i5qLjWYnbF19ioLHvO527nfr8XcsSNYJLkHt3VMWX2Q1OfjgWN/XFkBY/Moj0J/PUkXDii928RAfylLD3JZdeuhw5kQBOvWFh8BiVQpvaETZcGeUzit6O1072kDfq+UGOMSUB9DOQde2/4nExr6Qr6XW9vp3JetmPU=</X509Certificate>
            </X509Data>
         </KeyInfo>
      </KeyDescriptor>
      <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bla.com/adfs/ls/" />
      <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bla.com/adfs/ls/" />
      <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
      <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
      <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
      <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bla.com/adfs/ls/" index="0" isDefault="true" />
      <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bla.com/adfs/ls/" index="1" />
      <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bla.com/adfs/ls/" index="2" />
   </SPSSODescriptor>
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <KeyDescriptor use="encryption">
         <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <X509Data>
               <X509Certificate>MIIC7DCCAdSgAwIBAgIQdtaCBGq5JZlHSOqPMWkKjjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydBREZTIEVuY3J5cHRpb24gLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDI2WhcNMTYwMTIzMjIwNDI2WjAyMTAwLgYDVQQDEydBREZTIEVuY3J5cHRpb24gLSBhZGZzLlRpcmVjdGVuZXJneS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKq1rfU0BsBW8cEPxpla6sWZhEA7AvTPFiNUJ8B1Ih3O01A6dq7mGycTHdxG+m3ZIUcCmihExjxrGRT4pd9f78uJCCHxm+gBfq8gHgA2gml/jtxeRRc4h8cl3qgBdTdpyEN6dFLbGYRgNo1JIDSJzSrNbmNggoKpzuWLMBjJ2AHfnG6hAzJWtvM2phf88WbWoxYAQmm1Fq3Usy6WgYFg+Iz1Z4XEgAB35bG4nmqROU4U3djmR4DxZup4zbKi422t32tFy8MU/VEshiREKB22BcxNHTXi1YHXNtCQixMcOvK21w/Ha1o8AypZ8yBBj3cfwTJ9NLO4Xf9+Mf9FeA6BgZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKJHmw9MjdjXYf9q4Szo76xDfZC1jV+MXPizPEKzujjF5V90u6WWWbmR4ye9zT6nuMfFP7fNbm46A9yhuUiqeXpLQP80rC7d5XJeEhIhogLRH6xJXKOF5XVbN0RGi7ARTHsEzjyuZWs2N2ibPU55gLTlGTr/aW7jbs5UWEXG2ymM4SmiAUQbG8bRXNI6bQYe7Db2XEZ4H2D8TUMcHn0LtTF+dhpQTOep9Yf8/6Qdci/6FptSfi4nNPPKzvGfBu9uVaeCl/aGI3LA8QYIPbdIfUoJge5ym04j9sUVW7fkyWY8WkmQPZHntjeTYkBH4nLUH/OkLCa1KC6a3K67cp3j6AE=</X509Certificate>
            </X509Data>
         </KeyInfo>
      </KeyDescriptor>
      <KeyDescriptor use="signing">
         <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <X509Data>
               <X509Certificate>MIIC5jCCAc6gAwIBAgIQXn1r5kqQao9JlOksbxZDXjANBgkqhkiG9w0BAQsFADAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wHhcNMTUwMTIzMjIwNDM0WhcNMTYwMTIzMjIwNDM0WjAvMS0wKwYDVQQDEyRBREZTIFNpZ25pbmcgLSBhZGZzLmRpcmVjdGVuZXJneS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDilI+XZfNZ/b2pQWeqDLVyXEIn+6BL3KcAv/R0tRtC2mlnQFpf3uHxF8sd3kdHcexB/ugihNvVeZJExlnkKCoL8kvNFGeDc0T9vOItd2A/Hm1WCRtqc+cZ/z9uPwqZxnRTjEfCn+X/mbCrG4VQbeMsGy/UKib5WUUuXpnjOaaZmfIoTMeJ0vMj9GBZUGBJu56bbiWOK/mYsXy8Xb2uNf7uXvFmWcAIriZMhHgML6KhDHeqhu3QAwrXEbp4co5+FSNaaelUHhrDxz/0yc9Lxmuf+OnKJu/CYcdAQPzaFvn33ceJE/yJDe2lYFocSx0930lM5Q/SWMMGT+OvQZVsDaLTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKe6zgWy6jIOFCCyTtA/9NFaJP54GnSOhRpbApK+PvPDUBjRUj5hpWMKg9O964HofAorO5VZOsiPMfKI5dAfLzAgts0n0ji41UMGbnpTKJ3N9pWTsTG1s+sTOA63mmIRms+So/y/JsA3YWa+Apx9EvB/GkOrT9vRIbCz31bMAY9ohwMyhfYv7i5qLjWYnbF19ioLHvO527nfr8XcsSNYJLkHt3VMWX2Q1OfjgWN/XFkBY/Moj0J/PUkXDii928RAfylLD3JZdeuhw5kQBOvWFh8BiVQpvaETZcGeUzit6O1072kDfq+UGOMSUB9DOQde2/4nExr6Qr6XW9vp3JetmPU=</X509Certificate>
            </X509Data>
         </KeyInfo>
      </KeyDescriptor>
      <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bla.com/adfs/ls/" />
      <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bla.com/adfs/ls/" />
      <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
      <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
      <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bla.com/adfs/ls/" />
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bla.com/adfs/ls/" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID" />
      <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name" />
   </IDPSSODescriptor>
</EntityDescriptor>

Met vriendelijke groet / Yours sincerely / Mit freundlichen Grüßen / Très cordialement,

Henk Laracker

From: Raghu Prabhala <prabhalar at yahoo.com<mailto:prabhalar at yahoo.com>>
Reply-To: Raghu Prabhala <prabhalar at yahoo.com<mailto:prabhalar at yahoo.com>>
Date: Monday 8 June 2015 23:31
To: Henk Laracker <henk.laracker at planonsoftware.com<mailto:henk.laracker at planonsoftware.com>>, "keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>" <keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>>
Subject: Re: [keycloak-user] Import External IDP Config

Even I had similar issue earlier. Cleaning the browser cache and importing the config files addressed it You can give it a try.



________________________________
From: Henk Laracker <Henk.Laracker at planonsoftware.com<mailto:Henk.Laracker at planonsoftware.com>>
To: "keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>" <keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>>
Sent: Monday, June 8, 2015 9:51 AM
Subject: [keycloak-user] Import External IDP Config

Hi,

>From two different customers I received a idp config xml file. Both files I can import without a error, but nothing is filled in the fields. From security reasons I can not send the files. What is input you need to solve this problem? Is it possible to change the log level of the keycloak server. We are running it on openshift (private)

Met vriendelijke groet / Yours sincerely / Mit freundlichen Grüßen / Très cordialement,

Henk Laracker


_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150612/635553d4/attachment-0001.html 


More information about the keycloak-user mailing list