Metadati SAML 2.0 IdP
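Questi sono i metadati che SimpleSAMLphp ha generato e che possono essere inviati ai partner fidati per creare una federazione tra siti. Il documento XML riportato sotto non contiene una firma: chi lo importa dovrebbe verificare l'impronta dei certificati con l'amministratore dell'IdP attraverso un canale separato.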
Si possono ottenere i metadati in XML dall'URL dedicata:
https://idp.netcomposite.net/simplesaml/saml2/idp/metadata.php
Metadati
Metadati SAML 2.0 in formato XML:
<?xml version="1.0"?>
<!-- SAML 2.0 metadata describing the identity provider whose entityID is given on the root element below. -->
<!-- NOTE(review): this document carries no ds:Signature element and no validUntil or cacheDuration attribute, so a relying party cannot check its integrity or freshness from the document alone. Confirm the certificate fingerprints with the IdP operator over a separate channel before trusting them. -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.netcomposite.net/simplesaml/saml2/idp/metadata.php">
<!-- IdP role descriptor; the only protocol it declares is SAML 2.0. -->
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<!-- Certificate advertised with use="signing". -->
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<!-- Certificate advertised with use="encryption". The base64 below decodes as a certificate issued by Let's Encrypt (issuer CN R12) for idp.netcomposite.net, valid from 2026-04-30 to 2026-07-29, with the serverAuth extended key usage, so it looks like the host's TLS certificate. -->
<!-- NOTE(review): with a lifetime of roughly 90 days, partners that copy this value need a process to pick up the renewed certificate. Confirm whether sharing the web server key with SAML is intended, since that ties federation trust to the web server's key. -->
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIFAjCCA+qgAwIBAgISBs2EryJzpxdgT/R+6XCQSe/cMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTIwHhcNMjYwNDMwMjMyMTM1WhcNMjYwNzI5MjMyMTM0WjAfMR0wGwYDVQQDExRpZHAubmV0Y29tcG9zaXRlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3zW1rx1nH3xEwwDyuaR773vyxo2O+C3qJGBPYCjN56qX8zrlgTNII3fwngvT/j05JlMOm0VilGkqYN1nWaDkqJV0mKBHYuTHAY+JE09d/MTlZtwd/Yz1xcxzss2u+39i5mDBGnVYFvHcyU3dU4SU+fzseRxLPuaB0WVyCufVmHCG1ZhTNT7hNTgl+uTfpArxRIYyinPlkdKSn2ZpRyoDMtF+jMIptBelQwhY3/ixcGpz0IN8y6g10rAGgcOQhd+eEapw47JRXGT+X//Dfr9kc6l4VJ9EB5RhXDoT7z+KTv/97UgfwCasiU/K7ikRqBZKK9cp8iiFnlUDk2E3D3r4sCAwEAAaOCAiIwggIeMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS/3wqRgt0AkuNJM4/rP52RO96tPjAfBgNVHSMEGDAWgBQAtSnyLY5vMeibTK14Pvrc6QzR0jAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTIuaS5sZW5jci5vcmcvMB8GA1UdEQQYMBaCFGlkcC5uZXRjb21wb3NpdGUubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTIuYy5sZW5jci5vcmcvOTMuY3JsMIIBDAYKKwYBBAHWeQIEAgSB/QSB+gD4AHYAyKPEf8ezrbk1awE/anoSbeM6TkOlxkb5l605dZkdz5oAAAGd4OgvjgAABAMARzBFAiBfmp83WPDJi7M/XL09wyCfs2kBySWs8x8bq3y1XrpQwgIhALFwJJ+zPUp4nqIfqToMZlV90/4n3m5lRMlqFwGIGXKVAH4ARq+GPTs+5Z+ld96oJF02sNntIqIj9GF3QSKUUu6VUF8AAAGd4OgwOgAIAAAFAAVZ378EAwBHMEUCIQDaappZBM0vQXLrZRuSgYZtnK1+WWtQkkimb/rag/qXbgIgZKeyT7zC+tGO0VQiovWRWHEmscE/SEgdMimiifEp1rAwDQYJKoZIhvcNAQELBQADggEBAB4tmyvphmYnwjPki03cgwaAJXQnr9RYbNVSYNJEuuxljqQh6CRmiZKnStMlbapQZWkPq/jWoCXkSHtmz3jChSAawj1baPipDF3yfGKiIOCBJOeF2i8yPuODZqePF75ByGwDkU70nBSW+92su+D6klVpEqzjCkXb/tbVLt5JQDdCzG3NtZjtBTL1LABm9x49behbyOveTpEpYweWmmkcMxto47tlnxsMCRPD/u3GAj0tXz76AdeMw9RUdH87VFWaUCsHH5Tfe0WFCSjwJF+edpCHNpC9T7kkS9mWfTH6mLP+aCpezPZFAcxY0gDliraPvagd6ZAv0REVGNWan4oL+Ss=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<!-- Endpoints: single logout and single sign-on are each advertised with the HTTP-Redirect binding only. -->
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.netcomposite.net/simplesaml/saml2/idp/SingleLogoutService.php"/>
<!-- The only NameID format listed is transient. -->
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.netcomposite.net/simplesaml/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<!-- Technical contact published for this entity. -->
<md:ContactPerson contactType="technical">
<md:GivenName>Administrator</md:GivenName>
<md:EmailAddress>mailto:info@netcomposite.com</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
In formato flat per SimpleSAMLphp - da utilizzare se dall'altra parte c'è un'entità che utilizza SimpleSAMLphp
// Flat SimpleSAMLphp description of this IdP, keyed by its entity ID.
// The 'metadata-set' value marks it as a remote SAML 2.0 IdP entry.
$metadata['https://idp.netcomposite.net/simplesaml/saml2/idp/metadata.php'] = [
    'metadata-set' => 'saml20-idp-remote',
    'entityid' => 'https://idp.netcomposite.net/simplesaml/saml2/idp/metadata.php',

    // Single sign-on endpoint; HTTP-Redirect is the only binding listed.
    'SingleSignOnService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'https://idp.netcomposite.net/simplesaml/saml2/idp/SSOService.php',
        ],
    ],

    // Single logout endpoint; HTTP-Redirect is the only binding listed.
    'SingleLogoutService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'https://idp.netcomposite.net/simplesaml/saml2/idp/SingleLogoutService.php',
        ],
    ],

    // Base64 X.509 certificate for this IdP. It decodes as a certificate
    // issued by Let's Encrypt (issuer CN R12) for idp.netcomposite.net,
    // valid from 2026-04-30 to 2026-07-29, with the serverAuth extended key
    // usage, so it looks like the host's TLS certificate.
    // NOTE(review): a partner that pastes this value must refresh it when the
    // certificate is renewed, and should confirm its fingerprint with the IdP
    // operator over a separate channel, because this entry is not signed.
    'certData' => 'MIIFAjCCA+qgAwIBAgISBs2EryJzpxdgT/R+6XCQSe/cMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTIwHhcNMjYwNDMwMjMyMTM1WhcNMjYwNzI5MjMyMTM0WjAfMR0wGwYDVQQDExRpZHAubmV0Y29tcG9zaXRlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3zW1rx1nH3xEwwDyuaR773vyxo2O+C3qJGBPYCjN56qX8zrlgTNII3fwngvT/j05JlMOm0VilGkqYN1nWaDkqJV0mKBHYuTHAY+JE09d/MTlZtwd/Yz1xcxzss2u+39i5mDBGnVYFvHcyU3dU4SU+fzseRxLPuaB0WVyCufVmHCG1ZhTNT7hNTgl+uTfpArxRIYyinPlkdKSn2ZpRyoDMtF+jMIptBelQwhY3/ixcGpz0IN8y6g10rAGgcOQhd+eEapw47JRXGT+X//Dfr9kc6l4VJ9EB5RhXDoT7z+KTv/97UgfwCasiU/K7ikRqBZKK9cp8iiFnlUDk2E3D3r4sCAwEAAaOCAiIwggIeMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBS/3wqRgt0AkuNJM4/rP52RO96tPjAfBgNVHSMEGDAWgBQAtSnyLY5vMeibTK14Pvrc6QzR0jAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTIuaS5sZW5jci5vcmcvMB8GA1UdEQQYMBaCFGlkcC5uZXRjb21wb3NpdGUubmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTIuYy5sZW5jci5vcmcvOTMuY3JsMIIBDAYKKwYBBAHWeQIEAgSB/QSB+gD4AHYAyKPEf8ezrbk1awE/anoSbeM6TkOlxkb5l605dZkdz5oAAAGd4OgvjgAABAMARzBFAiBfmp83WPDJi7M/XL09wyCfs2kBySWs8x8bq3y1XrpQwgIhALFwJJ+zPUp4nqIfqToMZlV90/4n3m5lRMlqFwGIGXKVAH4ARq+GPTs+5Z+ld96oJF02sNntIqIj9GF3QSKUUu6VUF8AAAGd4OgwOgAIAAAFAAVZ378EAwBHMEUCIQDaappZBM0vQXLrZRuSgYZtnK1+WWtQkkimb/rag/qXbgIgZKeyT7zC+tGO0VQiovWRWHEmscE/SEgdMimiifEp1rAwDQYJKoZIhvcNAQELBQADggEBAB4tmyvphmYnwjPki03cgwaAJXQnr9RYbNVSYNJEuuxljqQh6CRmiZKnStMlbapQZWkPq/jWoCXkSHtmz3jChSAawj1baPipDF3yfGKiIOCBJOeF2i8yPuODZqePF75ByGwDkU70nBSW+92su+D6klVpEqzjCkXb/tbVLt5JQDdCzG3NtZjtBTL1LABm9x49behbyOveTpEpYweWmmkcMxto47tlnxsMCRPD/u3GAj0tXz76AdeMw9RUdH87VFWaUCsHH5Tfe0WFCSjwJF+edpCHNpC9T7kkS9mWfTH6mLP+aCpezPZFAcxY0gDliraPvagd6ZAv0REVGNWan4oL+Ss=',

    // The only NameID format listed is transient.
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',

    // Technical contact published for this entity.
    'contacts' => [
        [
            'emailAddress' => 'info@netcomposite.com',
            'contactType' => 'technical',
            'givenName' => 'Administrator',
        ],
    ],
];
Certificati
Scarica i certificati X509 come file PEM-encoded