SAML 2.0 SP Metadata
Here is the metadata that SimpleSAMLphp has generated for you. You may send this metadata document to trusted partners to set up a trusted federation.
https://sso.udima.es/simplesamlphp/module.php/saml/sp/metadata.php/ejemplo-sp
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://skinner.cef.es" ID="_917432ef3c52d52b317b28af50cbc2f35dfe6540314e81c263eb8ab20978a08a"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_917432ef3c52d52b317b28af50cbc2f35dfe6540314e81c263eb8ab20978a08a"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>aHwbxypFPeFSjTLKJFEqraG+pvbclGcguFDSiJmSUAE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>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</ds:SignatureValue> <ds:KeyInfo><ds:X509Data><ds:X509Certificate>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</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol"> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml2-logout.php/ejemplo-sp"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml2-acs.php/ejemplo-sp" index="0"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml1-acs.php/ejemplo-sp" index="1"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml2-acs.php/ejemplo-sp" 
index="2"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml1-acs.php/ejemplo-sp/artifact" index="3"/> </md:SPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Servicios</md:GivenName> <md:SurName>Informáticos</md:SurName> <md:EmailAddress>mailto:informatica@udima.es</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:
$metadata['http://skinner.cef.es'] = [
    'SingleLogoutService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml2-logout.php/ejemplo-sp',
        ],
    ],
    'AssertionConsumerService' => [
        [
            'index' => 0,
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
            'Location' => 'https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml2-acs.php/ejemplo-sp',
        ],
        [
            'index' => 1,
            'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
            'Location' => 'https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml1-acs.php/ejemplo-sp',
        ],
        [
            'index' => 2,
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
            'Location' => 'https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml2-acs.php/ejemplo-sp',
        ],
        [
            'index' => 3,
            'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
            'Location' => 'https://sso.udima.es/simplesamlphp/module.php/saml/sp/saml1-acs.php/ejemplo-sp/artifact',
        ],
    ],
    'contacts' => [
        [
            'emailAddress' => 'informatica@udima.es',
            'contactType' => 'technical',
            'givenName' => 'Servicios',
            'surName' => 'Informáticos',
        ],
    ],
];