Changes between Version 6 and Version 7 of ParkWeb


Ignore:
Timestamp:
04/14/14 10:28:14 (10 years ago)
Author:
dabantz@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ParkWeb

    v6 v7  
    3030 
    3131}}} 
    32 IdP's Metadata for Parking SP (see [[https://iam.alaska.edu/shib/wiki/SetupSpRelyParty|Setup SP Relying Party]] for step-by-step): 
     32IdP's Metadata for Parking SP; new version generated 2014-04-10 after upgrade to remove Heartbleed vulnerability (see [[https://iam.alaska.edu/shib/wiki/SetupSpRelyParty|Setup SP Relying Party]] for step-by-step): 
    3333{{{ 
    3434 
    35 <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_ed7f613611a15bfb34b76ae5a813150e11901be1" entityID="https://uafparkweb.uaf.edu/shibboleth"> 
     35<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_9b44cf80b14741916dafecc7c218e350580cee33" entityID="https://uafparkweb.apps.ad.alaska.edu/shibboleth"> 
     36 
     37  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"> 
     38    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> 
     39    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> 
     40    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
     41    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> 
     42    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> 
     43    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> 
     44    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> 
     45    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> 
     46    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> 
     47    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> 
     48    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> 
     49    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> 
     50    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> 
     51    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> 
     52    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
     53    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> 
     54  </md:Extensions> 
    3655 
    3756  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol"> 
    3857    <md:Extensions> 
    39       <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/Login"/> 
    40       <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/Login" index="1"/> 
     58      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/Login"/> 
     59      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/Login" index="1"/> 
    4160    </md:Extensions> 
    4261    <md:KeyDescriptor> 
    4362      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
    44         <ds:KeyName>uafparkweb.uaf.edu</ds:KeyName> 
     63        <ds:KeyName>uafparkweb.apps.ad.alaska.edu</ds:KeyName> 
    4564        <ds:X509Data> 
    46           <ds:X509SubjectName>CN=uafparkweb.uaf.edu</ds:X509SubjectName> 
    47           <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAMzgCKAmDy6JMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV 
    48 BAMTEnVhZnBhcmt3ZWIudWFmLmVkdTAeFw0xMTEyMTIyMDIyMTZaFw0yMTEyMDky 
    49 MDIyMTZaMB0xGzAZBgNVBAMTEnVhZnBhcmt3ZWIudWFmLmVkdTCCASIwDQYJKoZI 
    50 hvcNAQEBBQADggEPADCCAQoCggEBANAddwJUwr3mEz4TbFgGNUiWnHWYSXQjdAqp 
    51 9OyXbHfqzaXgNRiKRKsL1TagTRHl/b0JUw7m+pcFuHIzzXugu5EVgljvJOzFUPbG 
    52 uLJN6/zOj50/u/QZY/P1qQntBXkDDVpU4iqFLuuuVYLFc/YMq3KB7v+xITni3zKR 
    53 XnNqTHMNbwPzWlSQfWFYFdMbkyBCNBnbyU/uZhj+12R2W8qGYwiEH9mciDVcyuft 
    54 P0/5KY795G0ereV5/mc9WqRx2emEmNRNN55AsfUTDjCS9HuFtIuSd3w+hu0na48k 
    55 bRRl97C0RD41Q47J6jg7yNdsO4zFrzR0GlPGBmAa1KWIpYn7f4cCAwEAAaNAMD4w 
    56 HQYDVR0RBBYwFIISdWFmcGFya3dlYi51YWYuZWR1MB0GA1UdDgQWBBTOs32S8rss 
    57 rzDVr5oV5Rv+PO+5oTANBgkqhkiG9w0BAQUFAAOCAQEAVvX8NJrB+yrBMmk9+X7Q 
    58 FwOeTLNyHQZn19x39u/gTIS9iZICVXn+c1FO4AwR7mRuCHK+RTyH/+en14FE6V1b 
    59 yGWglaZwqflBUkDVvPApssxSjIPRheM0FhS93UBi8g2jYb4Z5q1UVwNJkeNAuIiU 
    60 PXIG/k2dP3cSLA2WSiZ65nK7aoF2CmDoiqDGhafeNBrz5i77G1p/2bJYGuNzH601 
    61 oieY39x+0Vl6Gc0kISjLXVaRNnQGS8Ot12ximuq9mYSGSVTxUFK8hhPv79SnPn0D 
    62 aBOcxTTieo3P1KJHierIsR8OHJUlBCqXcR6UJrPiM+CYZqlwbZUXKihWZDppNKy/ 
    63 IA== 
     65          <ds:X509SubjectName>CN=uafparkweb.apps.ad.alaska.edu</ds:X509SubjectName> 
     66          <ds:X509Certificate>MIIDHjCCAgagAwIBAgIJAMQ5NVSwH8zJMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNV 
     67BAMTHXVhZnBhcmt3ZWIuYXBwcy5hZC5hbGFza2EuZWR1MB4XDTE0MDQxMDE3NDEw 
     68NloXDTI0MDQwNzE3NDEwNlowKDEmMCQGA1UEAxMddWFmcGFya3dlYi5hcHBzLmFk 
     69LmFsYXNrYS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAV1x/ 
     70b5bopn2tsAeUwAaA4jN7G+WS4kUW3rUG9e0RN1z81io7JCbulryvc8BMfZ+RJ95S 
     71U7yHn5RRkldE25iICMB975vTNyJlHsrdRm+ulMTCpOx9d33fYKbGPXoBMInZqesl 
     72jjmaQ+brR0YcbVX3mxibmlRUGzxzecayYlzEbajEEsVXkuU9ClqZ2JoEJGSG0JOi 
     73g/ScFYJEVS/W+mo83dq66WnfOsAEzSz08nkPwf75HtHPAvBDrfNprLWKvM7QrCHw 
     74TRKSj8y2QlD2OXfbSb2/JHCUN0JBFzkTpusJEenNCgRP6f+n15gigN3bOGz9WNT5 
     75nC8yiuxGjOTyVGv1AgMBAAGjSzBJMCgGA1UdEQQhMB+CHXVhZnBhcmt3ZWIuYXBw 
     76cy5hZC5hbGFza2EuZWR1MB0GA1UdDgQWBBR1PQkQhF23yFzauV+m3txYqnfUYzAN 
     77BgkqhkiG9w0BAQUFAAOCAQEAZD8cqgeKId//XcLHq8ryC5rMUg6xMmwv/C/bIDWj 
     783Dosi9j+zePk97nu09etTzoIOwyzROUZJyZFvF96qXvgiEQodmBIMuUaYbws8yWj 
     79qWzO+6C2N1Jn6IsqRtSO5SEtlHWGT4cizyMM1scDNg4i4cf0UxC0dZn+NBFiCUkw 
     80y3RLpot9r4ff9P7PePxqrFaBzQoTF9d58u/HFwc/t7ETvYulI6voPVFE/P9YKFb9 
     81pqHbsGFjQqUtzjmDM1hPUZ/wr5OXMKQBtnUrJuGUR0gFh8+5jKwz05x47etqlZ8k 
     82JSs7+w5fZ0QRLjJ69mRzg5cX5JRRtGucve+LDy88FGMIsA== 
    6483</ds:X509Certificate> 
    6584        </ds:X509Data> 
    6685      </ds:KeyInfo> 
     86      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> 
     87      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> 
     88      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> 
     89      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> 
     90      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> 
     91      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> 
     92      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> 
     93      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> 
     94      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> 
    6795    </md:KeyDescriptor> 
    68     <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/Artifact/SOAP" index="0"/> 
    69     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SLO/SOAP"/> 
    70     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SLO/Redirect"/> 
    71     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SLO/POST"/> 
    72     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SLO/Artifact"/> 
    73     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SAML2/POST" index="0"/> 
    74     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="1"/> 
    75     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SAML2/Artifact" index="2"/> 
    76     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SAML2/ECP" index="3"/> 
    77     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SAML/POST" index="4"/> 
    78     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uafparkweb.uaf.edu/Shibboleth.sso/SAML/Artifact" index="5"/> 
     96    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/Artifact/SOAP" index="1"/> 
     97    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SLO/SOAP"/> 
     98    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SLO/Redirect"/> 
     99    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SLO/POST"/> 
     100    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SLO/Artifact"/> 
     101    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SAML2/POST" index="1"/> 
     102    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/> 
     103    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SAML2/Artifact" index="3"/> 
     104    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SAML2/ECP" index="4"/> 
     105    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SAML/POST" index="5"/> 
     106    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uafparkweb.apps.ad.alaska.edu/Shibboleth.sso/SAML/Artifact" index="6"/> 
    79107  </md:SPSSODescriptor> 
    80  
    81108</md:EntityDescriptor> 
    82109}}}