Changes between Version 2 and Version 3 of HealthyRoads

Timestamp:

01/21/14 14:21:43 (11 years ago)

Author:

dabantz@…

Comment:

--

HealthyRoads

@@ -1 +1 @@
 == [[https://iam.alaska.edu/|IAM]] / [[https://iam.alaska.edu/projects|Projects]] / [[https://iam.alaska.edu/shib|Shibboleth]] / [[ServiceCandidates|Service Candidates]] / !HealthyRoads (Wellness benefit) ==
 
-Create the unique attributes required for this vendor, UniqueMemberID and !MemberSuffix.  Note they are encoded with a format of "basic" rather than the usual "uri."
+1. Import !HealthyRoads SP metadata.  Metadata for test provided via email from vendor; awaiting production metadata as of 2014-01-21.
+
+{{{
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://www.healthyroadstest.com/saml/UniversityOfAlaska">
+  <md:SPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:KeyDescriptor use="signing">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>...</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+        <X509Data>
+          <X509Certificate>...</X509Certificate>
+        </X509Data>
+      </KeyInfo>
+      <md:EncryptionMethod xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+    </md:KeyDescriptor>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.healthyroadstest.com/saml/UniversityOfAlaska/saml20serviceproviderlogout.aspx" />
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.healthyroadstest.com/saml/UniversityOfAlaska/saml20serviceproviderlogout.aspx" />
+    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.healthyroadstest.com/saml/UniversityOfAlaska/saml20serviceproviderlogin.aspx" />
+    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.healthyroadstest.com/saml/UniversityOfAlaska/saml20serviceproviderlogin.aspx" />
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.healthyroadstest.com/saml/UniversityOfAlaska/saml20serviceproviderlogin.aspx" index="0" isDefault="true" />
+    <md:AttributeConsumingService isDefault="true" index="0">
+      <md:ServiceName xml:lang="en">ASH SAML Service Provider Portal</md:ServiceName>
+      <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="UniqueMemberID" isRequired="True" />
+      <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="MemberSuffix" isRequired="True" />
+      <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="Email" isRequired="False" />
+    </md:AttributeConsumingService>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">ASH Companies</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">ASH Companies</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en" />
+  </md:Organization>
+  <md:ContactPerson contactType="technical">
+    <md:Company>ASH Companies</md:Company>
+    <md:GivenName />
+    <md:SurName />
+    <md:EmailAddress />
+    <md:TelephoneNumber />
+  </md:ContactPerson>
+</md:EntityDescriptor>
+}}}
+2. Create the unique attributes required for this vendor, UniqueMemberID and !MemberSuffix.  Note they are encoded with a format of "basic" rather than the usual "uri."
 
 {{{
@@ -43 +90 @@
 
 
-Attribute Release (for benefits-eligible employees).  This releases the custom attributes for this vendor, that is, UniqueMemberID and !MemberSuffix.  
+3. Attribute Release (for benefits-eligible employees).  This releases the custom attributes for this vendor, that is, UniqueMemberID and !MemberSuffix.  
+
 {{{
 </AttributeFilterPolicy>