Metadata: Unify the metadata formats.
This patch updates all metadata files to use the same format. It also updates the examples in the documentation to match the actual files. git-svn-id: http://simplesamlphp.googlecode.com/svn/trunk@1835 44740490-163a-0410-bde0-09ae8108e29a
parent
1a5bfec9c6
commit
c90caf4aa2
|
@ -6,19 +6,16 @@ This is a reference for the metadata files
|
|||
Both files have the following format:
|
||||
|
||||
<?php
|
||||
$metadata = array(
|
||||
/* The index of the array is the entity ID of this IdP. */
|
||||
'entity-id-1' => array(
|
||||
'host' => 'idp.example.org',
|
||||
/* Configuration options for the first IdP. */
|
||||
),
|
||||
'entity-id-2' => array(
|
||||
'host' => '__DEFAULT__',
|
||||
/* Configuration options for the default IdP. */
|
||||
),
|
||||
/* ... */
|
||||
/* The index of the array is the entity ID of this IdP. */
|
||||
$metadata['entity-id-1'] = array(
|
||||
'host' => 'idp.example.org',
|
||||
/* Configuration options for the first IdP. */
|
||||
);
|
||||
?>
|
||||
$metadata['entity-id-2'] = array(
|
||||
'host' => '__DEFAULT__',
|
||||
/* Configuration options for the default IdP. */
|
||||
);
|
||||
/* ... */
|
||||
|
||||
The entity ID should be an URI. It can, also be on the form
|
||||
`__DYNAMIC:1__`, `__DYNAMIC:2__`, `...`. In that case, the entity ID
|
||||
|
@ -214,26 +211,24 @@ These are some examples of IdP metadata
|
|||
### Minimal SAML 2.0 / Shibboleth 1.3 IdP ###
|
||||
|
||||
<?php
|
||||
$metadata = array(
|
||||
/*
|
||||
* We use the '__DYNAMIC:1__' entity ID so that the entity ID
|
||||
* will be autogenerated.
|
||||
*/
|
||||
$metadata['__DYNAMIC:1__'] = array(
|
||||
/*
|
||||
* We use the '__DYNAMIC:1__' entity ID so that the entity ID
|
||||
* will be autogenerated.
|
||||
* We use '__DEFAULT__' as the hostname so we won't have to
|
||||
* enter a hostname.
|
||||
*/
|
||||
'__DYNAMIC:1__' => array(
|
||||
/*
|
||||
* We use '__DEFAULT__' as the hostname so we won't have to
|
||||
* enter a hostname.
|
||||
*/
|
||||
'host' => '__DEFAULT__',
|
||||
'host' => '__DEFAULT__',
|
||||
|
||||
/* The private key and certificate used by this IdP. */
|
||||
'certificate' => 'server.crt',
|
||||
'privatekey' => 'server.pem',
|
||||
/* The private key and certificate used by this IdP. */
|
||||
'certificate' => 'server.crt',
|
||||
'privatekey' => 'server.pem',
|
||||
|
||||
/* The authentication source for this IdP. Must be one
|
||||
* from config/authsources.php.
|
||||
*/
|
||||
'auth' => 'example-userpass',
|
||||
),
|
||||
/*
|
||||
* The authentication source for this IdP. Must be one
|
||||
* from config/authsources.php.
|
||||
*/
|
||||
'auth' => 'example-userpass',
|
||||
);
|
||||
?>
|
||||
|
|
|
@ -4,17 +4,14 @@ IdP remote metadata reference
|
|||
This is a reference for metadata options available for `metadata/saml20-idp-remote.php` and `metadata/shib13-idp-remote.php`. Both files have the following format:
|
||||
|
||||
<?php
|
||||
$metadata = array(
|
||||
/* The index of the array is the entity ID of this IdP. */
|
||||
'entity-id-1' => array(
|
||||
/* Configuration options for the first IdP. */
|
||||
),
|
||||
'entity-id-2' => array(
|
||||
/* Configuration options for the second IdP. */
|
||||
),
|
||||
/* ... */
|
||||
/* The index of the array is the entity ID of this IdP. */
|
||||
$metadata['entity-id-1'] = array(
|
||||
/* Configuration options for the first IdP. */
|
||||
);
|
||||
?>
|
||||
$metadata['entity-id-2'] = array(
|
||||
/* Configuration options for the second IdP. */
|
||||
);
|
||||
/* ... */
|
||||
|
||||
|
||||
Common options
|
||||
|
@ -138,7 +135,6 @@ Examples
|
|||
### Configuration for openidp.feide.no ###
|
||||
|
||||
<?php
|
||||
$metadata = array();
|
||||
$metadata['https://openidp.feide.no'] = array(
|
||||
'name' => array(
|
||||
'en' => 'Feide OpenIdP - guest users',
|
||||
|
@ -149,7 +145,6 @@ Examples
|
|||
'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
|
||||
'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb',
|
||||
);
|
||||
?>
|
||||
|
||||
|
||||
Calculating the fingerprint of a certificate
|
||||
|
@ -160,4 +155,4 @@ If you have obtained a certificate file, and want to calculate the fingerprint o
|
|||
$ openssl x509 -noout -fingerprint -in "server.crt"
|
||||
SHA1 Fingerprint=AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9
|
||||
|
||||
In this case, the certFingerprint option should be set to `AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9`.
|
||||
In this case, the certFingerprint option should be set to `AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9`.
|
||||
|
|
|
@ -4,19 +4,16 @@ SP hosted metadata reference
|
|||
This is a reference for the metadata files `metadata/saml20-sp-hosted.php` and `metadata/shib13-sp-hosted.php`. Both files have the following format:
|
||||
|
||||
<?php
|
||||
$metadata = array(
|
||||
/* The index of the array is the entity ID of this SP. */
|
||||
'entity-id-1' => array(
|
||||
'host' => 'sp.example.org',
|
||||
/* Configuration options for the first SP. */
|
||||
),
|
||||
'entity-id-2' => array(
|
||||
'host' => '__DEFAULT__',
|
||||
/* Configuration options for the default SP. */
|
||||
),
|
||||
/* ... */
|
||||
/* The index of the array is the entity ID of this SP. */
|
||||
$metadata['entity-id-1'] = array(
|
||||
'host' => 'sp.example.org',
|
||||
/* Configuration options for the first SP. */
|
||||
);
|
||||
?>
|
||||
$metadata['entity-id-2'] = array(
|
||||
'host' => '__DEFAULT__',
|
||||
/* Configuration options for the default SP. */
|
||||
);
|
||||
/* ... */
|
||||
|
||||
The entity ID should be an URI. It can also be on the form `__DYNAMIC:1__`, `__DYNAMIC:2__`, `...`. In that case, the entity ID will be generated automatically.
|
||||
|
||||
|
@ -160,17 +157,14 @@ These are some examples of SP metadata
|
|||
### Minimal SAML 2.0 / Shibboleth 1.3 SP ###
|
||||
|
||||
<?php
|
||||
$metadata = array(
|
||||
/*
|
||||
* We use the '__DYNAMIC:1__' entity ID so that the entity ID
|
||||
* will be autogenerated.
|
||||
*/
|
||||
$metadata['__DYNAMIC:1__'] = array(
|
||||
/*
|
||||
* We use the '__DYNAMIC:1__' entity ID so that the entity ID
|
||||
* will be autogenerated.
|
||||
* We use '__DEFAULT__' as the hostname so we won't have to
|
||||
* enter a hostname.
|
||||
*/
|
||||
'__DYNAMIC:1__' => array(
|
||||
/*
|
||||
* We use '__DEFAULT__' as the hostname so we won't have to
|
||||
* enter a hostname.
|
||||
*/
|
||||
'host' => '__DEFAULT__',
|
||||
),
|
||||
'host' => '__DEFAULT__',
|
||||
);
|
||||
?>
|
||||
|
|
|
@ -6,17 +6,14 @@ This is a reference for metadata options available for
|
|||
Both files have the following format:
|
||||
|
||||
<?php
|
||||
$metadata = array(
|
||||
/* The index of the array is the entity ID of this SP. */
|
||||
'entity-id-1' => array(
|
||||
/* Configuration options for the first SP. */
|
||||
),
|
||||
'entity-id-2' => array(
|
||||
/* Configuration options for the second SP. */
|
||||
),
|
||||
/* ... */
|
||||
/* The index of the array is the entity ID of this SP. */
|
||||
$metadata['entity-id-1'] = array(
|
||||
/* Configuration options for the first SP. */
|
||||
);
|
||||
?>
|
||||
$metadata['entity-id-2'] = array(
|
||||
/* Configuration options for the second SP. */
|
||||
);
|
||||
/* ... */
|
||||
|
||||
|
||||
Common options
|
||||
|
|
|
@ -1,38 +1,25 @@
|
|||
<?php
|
||||
/*
|
||||
* SAML 2.0 Meta data for simpleSAMLphp
|
||||
/**
|
||||
* SAML 2.0 IdP configuration for simpleSAMLphp.
|
||||
*
|
||||
* The SAML 2.0 IdP Hosted config is used by the SAML 2.0 IdP to identify itself.
|
||||
*
|
||||
* Required parameters:
|
||||
* - host
|
||||
* - privatekey
|
||||
* - certificate
|
||||
* - auth
|
||||
* - authority
|
||||
*
|
||||
* Optional Parameters:
|
||||
* - 'userid.attribute'
|
||||
* - 'redirect.sign'
|
||||
* See: https://rnd.feide.no/content/idp-hosted-metadata-reference
|
||||
*/
|
||||
|
||||
$metadata['__DYNAMIC:1__'] = array(
|
||||
/*
|
||||
* The hostname of the server (VHOST) that will use this SAML entity.
|
||||
*
|
||||
* Can be '__DEFAULT__', to use this entry by default.
|
||||
*/
|
||||
'host' => '__DEFAULT__',
|
||||
|
||||
$metadata = array(
|
||||
|
||||
// The SAML entity ID is the index of this config.
|
||||
'__DYNAMIC:1__' => array(
|
||||
|
||||
// The hostname of the server (VHOST) that this SAML entity will use.
|
||||
'host' => '__DEFAULT__',
|
||||
|
||||
// X.509 key and certificate. Relative to the cert directory.
|
||||
'privatekey' => 'server.pem',
|
||||
'certificate' => 'server.crt',
|
||||
|
||||
// Authentication plugin to use. login.php is the default one that uses LDAP.
|
||||
'auth' => 'auth/login.php'
|
||||
)
|
||||
/* X.509 key and certificate. Relative to the cert directory. */
|
||||
'privatekey' => 'server.pem',
|
||||
'certificate' => 'server.crt',
|
||||
|
||||
/*
|
||||
* Authentication source to use. Must be one that is configured in
|
||||
* 'config/authsources.php'.
|
||||
*/
|
||||
'auth' => 'example-userpass',
|
||||
);
|
||||
|
||||
?>
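Review bot: The `'auth' => 'example-userpass'` default in this hosted-IdP template (apparently the new side) names what looks like an example authentication source, and the comment above it only says the source must be configured in 'config/authsources.php'. If that source is a sample with fixed test accounts, which is not visible here, an IdP deployed from the unmodified template would authenticate users against it. I would extend the comment with `* Replace 'example-userpass' with your own authentication source before going live.` The same default appears in the SAML 1.1 hosted-IdP template section further down. The rewritten header also drops the list of required and optional parameters (`authority`, `redirect.sign`, `userid.attribute`) in favour of a link, so that information now depends on the external reference staying reachable.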
|
||||
|
|
|
@ -1,24 +1,22 @@
|
|||
<?php
|
||||
/*
|
||||
* SAML 2.0 Meta data for simpleSAMLphp
|
||||
*
|
||||
* The SAML 2.0 IdP Remote config is used by the SAML 2.0 SP to identify trusted SAML 2.0 IdPs.
|
||||
*
|
||||
*/
|
||||
|
||||
$metadata = array();
|
||||
|
||||
/**
|
||||
* SAML 2.0 remote IdP metadata for simpleSAMLphp.
|
||||
*
|
||||
* Remember to remove the IdPs you don't use from this file.
|
||||
*
|
||||
* See: https://rnd.feide.no/content/idp-remote-metadata-reference
|
||||
*/
|
||||
|
||||
/*
|
||||
* Guest IdP. allows users to sign up and register. Great for testing!
|
||||
*/
|
||||
|
||||
$metadata['https://openidp.feide.no'] = array(
|
||||
'name' => array(
|
||||
'name' => array(
|
||||
'en' => 'Feide OpenIdP - guest users',
|
||||
'no' => 'Feide Gjestebrukere',
|
||||
),
|
||||
'description' => 'Here you can login with your account on Feide RnD OpenID. If you do not already have an account on this identity provider, you can create a new one by following the create new account link and follow the instructions.',
|
||||
|
||||
|
||||
'send_metadata_email' => 'moria-support@uninett.no',
|
||||
'SingleSignOnService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
|
||||
|
@ -26,73 +24,75 @@ $metadata['https://openidp.feide.no'] = array(
|
|||
);
|
||||
|
||||
|
||||
/**
|
||||
* Feide, the norwegian federation. Test and production metadata.
|
||||
/*
|
||||
* Feide, the norwegian federation. Test and production metadata.
|
||||
*/
|
||||
$metadata['https://idp-test.feide.no'] = array(
|
||||
'name' => array(
|
||||
'name' => array(
|
||||
'en' => 'Feide Test environment',
|
||||
'no' => 'Feide testmiljø',
|
||||
),
|
||||
'description' => 'Feide test environment (idp-test.feide.no). Authenticate with your identity from a school or university in Norway.',
|
||||
'send_metadata_email' => 'moria-support@uninett.no',
|
||||
'SingleSignOnService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php',
|
||||
'SingleLogoutServiceResponse' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php',
|
||||
'certFingerprint' => 'fa982efdb69f26e8073c8f815a82a0c5885960a2',
|
||||
'hint.cidr' => '158.38.0.0/16'
|
||||
'description' => 'Feide test environment (idp-test.feide.no). Authenticate with your identity from a school or university in Norway.',
|
||||
'send_metadata_email' => 'moria-support@uninett.no',
|
||||
|
||||
'SingleSignOnService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php',
|
||||
'SingleLogoutServiceResponse' => 'https://idp-test.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php',
|
||||
|
||||
'certFingerprint' => 'fa982efdb69f26e8073c8f815a82a0c5885960a2',
|
||||
'hint.cidr' => '158.38.0.0/16',
|
||||
);
|
||||
|
||||
$metadata['https://idp.feide.no'] = array(
|
||||
'name' => 'Feide',
|
||||
'description' => array(
|
||||
'name' => 'Feide',
|
||||
'description' => array(
|
||||
'en' => 'Authenticate with your identity from a school or university in Norway.',
|
||||
'no' => 'Logg inn med din identitet fra skolen eller universitetet du er tilknyttet (i Norge).',
|
||||
),
|
||||
'send_metadata_email' => 'moria-support@uninett.no',
|
||||
'SingleSignOnService' => 'https://idp.feide.no/simplesaml/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php',
|
||||
'SingleLogoutServiceResponse' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php',
|
||||
'certFingerprint' => 'cde69e332fa7dd0eaa99ee0ddf06916e8942ac53',
|
||||
'hint.cidr' => '158.38.0.0/16'
|
||||
'send_metadata_email' => 'moria-support@uninett.no',
|
||||
'SingleSignOnService' => 'https://idp.feide.no/simplesaml/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrame.php',
|
||||
'SingleLogoutServiceResponse' => 'https://idp.feide.no/simplesaml/saml2/idp/SingleLogoutServiceiFrameResponse.php',
|
||||
'certFingerprint' => 'cde69e332fa7dd0eaa99ee0ddf06916e8942ac53',
|
||||
'hint.cidr' => '158.38.0.0/16',
|
||||
);
|
||||
|
||||
|
||||
|
||||
/**
|
||||
/*
|
||||
* Wayf, the danish federation metadata.
|
||||
*/
|
||||
$metadata['https://wayf.wayf.dk'] = array(
|
||||
'name' => array(
|
||||
'name' => array(
|
||||
'en' => 'DK-WAYF Production server',
|
||||
'da' => 'DK-WAYF Produktionsmiljøet',
|
||||
),
|
||||
'description' => 'Login with your identity from a danish school, university or library.',
|
||||
'send_metadata_email' => 'sekretariat@wayf.dk',
|
||||
'send_metadata_email' => 'sekretariat@wayf.dk',
|
||||
'SingleSignOnService' => 'https://wayf.wayf.dk/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://wayf.wayf.dk/saml2/idp/SingleLogoutService.php',
|
||||
'certFingerprint' => 'c215d7bf9d51c7805055239f66b957d9a72ff44b'
|
||||
);
|
||||
|
||||
$metadata['https://betawayf.wayf.dk'] = array(
|
||||
'name' => array(
|
||||
'name' => array(
|
||||
'en' => 'DK-WAYF Quality Assurance',
|
||||
'da' => 'DK-WAYF Quality Assurance miljøet',
|
||||
),
|
||||
'description' => 'Login with your identity from a danish school, university or library.',
|
||||
'send_metadata_email' => 'sekretariat@wayf.dk',
|
||||
'send_metadata_email' => 'sekretariat@wayf.dk',
|
||||
'SingleSignOnService' => 'https://betawayf.wayf.dk/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://betawayf.wayf.dk/saml2/idp/SingleLogoutService.php',
|
||||
'certFingerprint' => 'c215d7bf9d51c7805055239f66b957d9a72ff44b'
|
||||
);
|
||||
|
||||
$metadata['https://testidp.wayf.dk'] = array(
|
||||
'name' => array(
|
||||
'name' => array(
|
||||
'en' => 'DK-WAYF Test Server',
|
||||
'da' => 'DK-WAYF Test Miljøet',
|
||||
),
|
||||
'description' => 'Login with your identity from a danish school, university or library.',
|
||||
'send_metadata_email' => 'sekretariat@wayf.dk',
|
||||
'send_metadata_email' => 'sekretariat@wayf.dk',
|
||||
'SingleSignOnService' => 'https://testidp.wayf.dk/saml2/idp/SSOService.php',
|
||||
'SingleLogoutService' => 'https://testidp.wayf.dk/saml2/idp/SingleLogoutService.php',
|
||||
'certFingerprint' => '04b3b08bce004c27458b3e85b125273e67ef062b'
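Review bot: The guest IdP entry `https://openidp.feide.no` stays in the shipped list of trusted IdPs, and its own comment describes it as letting users sign up and register. An SP deployed from this template without edits would accept logins from self-registered accounts, so the per-entry comment should say so directly, for example `* Guest IdP for testing only: anyone can register an account. Remove this entry in production.` The new header line "Remember to remove the IdPs you don't use from this file" helps but sits far from the entry it matters most for. A one-line comment that `certFingerprint` is what pins each IdP's signing certificate, and must be verified out of band rather than copied from a template, would also help readers who reuse these entries.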
|
||||
|
|
|
@ -1,62 +1,27 @@
|
|||
<?php
|
||||
/*
|
||||
* SAML 2.0 Meta data for simpleSAMLphp
|
||||
*
|
||||
* The SAML 2.0 SP Remote config is used by the SAML 2.0 IdP to identify trusted SAML 2.0 SPs.
|
||||
*
|
||||
* Required parameters:
|
||||
* - AssertionConsumerService
|
||||
* - SingleLogoutService
|
||||
*
|
||||
* Optional parameters:
|
||||
*
|
||||
* - simplesaml.attributes (Will you send an attributestatement [true/false])
|
||||
* - NameIDFormat
|
||||
* - ForceAuthn (default: "false")
|
||||
* - simplesaml.nameidattribute (only needed when you are using NameID format email or persistent).
|
||||
*
|
||||
* - 'base64attributes' => false,
|
||||
* - 'simplesaml.attributes' => true,
|
||||
* - 'attributemap' => 'test',
|
||||
* - 'attributes' => array('mail'),
|
||||
* - 'userid.attribute'
|
||||
*
|
||||
* Request signing
|
||||
* When redirect.sign is true the certificate of the IDP
|
||||
* will be used to sign all messages sent with the HTTPRedirect binding.
|
||||
* The certificate from the IDP must be installed in the cert directory
|
||||
* before signing can be done.
|
||||
*
|
||||
* 'redirect.sign' => false,
|
||||
/**
|
||||
* SAML 2.0 remote SP metadata for simpleSAMLphp.
|
||||
*
|
||||
* See: https://rnd.feide.no/content/sp-remote-metadata-reference
|
||||
*/
|
||||
|
||||
$metadata = array(
|
||||
|
||||
/*
|
||||
* Example simpleSAMLphp SAML 2.0 SP
|
||||
*/
|
||||
'https://saml2sp.example.org' => array(
|
||||
'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/AssertionConsumerService.php',
|
||||
'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/SingleLogoutService.php'
|
||||
),
|
||||
|
||||
/*
|
||||
* This example shows an example config that works with Google Apps for education.
|
||||
* What is important is that you have an attribute in your IdP that maps to the local part of the email address
|
||||
* at Google Apps. In example, if your google account is foo.com, and you have a user that has an email john@foo.com, then you
|
||||
* must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'.
|
||||
*/
|
||||
'google.com' => array(
|
||||
'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
|
||||
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email',
|
||||
'simplesaml.nameidattribute' => 'uid',
|
||||
'simplesaml.attributes' => false
|
||||
)
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Example simpleSAMLphp SAML 2.0 SP
|
||||
*/
|
||||
$metadata['https://saml2sp.example.org'] = array(
|
||||
'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/AssertionConsumerService.php',
|
||||
'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/SingleLogoutService.php',
|
||||
);
|
||||
|
||||
|
||||
?>
|
||||
/*
|
||||
* This example shows an example config that works with Google Apps for education.
|
||||
* What is important is that you have an attribute in your IdP that maps to the local part of the email address
|
||||
* at Google Apps. In example, if your google account is foo.com, and you have a user that has an email john@foo.com, then you
|
||||
* must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'.
|
||||
*/
|
||||
$metadata['google.com'] = array(
|
||||
'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
|
||||
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email',
|
||||
'simplesaml.nameidattribute' => 'uid',
|
||||
'simplesaml.attributes' => FALSE,
|
||||
);
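Review bot: The rewritten header of this remote-SP template has no counterpart to the "Remember to remove the IdPs you don't use from this file" line that the remote-IdP templates gain in this commit, although every entry here is an SP the IdP is willing to send assertions to. I would add ` * Remember to remove the SPs you don't use from this file.` to the header. The `google.com` entry in particular carries a site-specific endpoint (`https://www.google.com/a/g.feide.no/acs`) that is not a neutral placeholder like `saml2sp.example.org`. The SAML 1.1 remote-SP template further down has the same gap. The old header's explanation of `redirect.sign` and the optional parameters is removed here and is now only available through the linked reference.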
|
||||
|
|
|
@ -1,25 +1,26 @@
|
|||
<?php
|
||||
/*
|
||||
* Shibboleth 1.3 IdP Meta data for simpleSAMLphp
|
||||
*
|
||||
*
|
||||
/**
|
||||
* SAML 1.1 IdP configuration for simpleSAMLphp.
|
||||
*
|
||||
* See: https://rnd.feide.no/content/idp-hosted-metadata-reference
|
||||
*/
|
||||
|
||||
$metadata['__DYNAMIC:1__'] = array(
|
||||
|
||||
$metadata = array(
|
||||
'__DYNAMIC:1__' => array(
|
||||
/*
|
||||
* The hostname of the server (VHOST) that will use this SAML entity.
|
||||
*
|
||||
* Can be '__DEFAULT__', to use this entry by default.
|
||||
*/
|
||||
'host' => '__DEFAULT__',
|
||||
|
||||
'host' => '__DEFAULT__',
|
||||
'audience' => 'urn:mace:feide:shiblab',
|
||||
|
||||
// X.509 key and certificate. Relative to the cert directory.
|
||||
'privatekey' => 'server.pem',
|
||||
'certificate' => 'server.crt',
|
||||
|
||||
// Authentication plugin to use. login.php is the default one that uses LDAP.
|
||||
'auth' => 'auth/login.php'
|
||||
)
|
||||
/* X.509 key and certificate. Relative to the cert directory. */
|
||||
'privatekey' => 'server.pem',
|
||||
'certificate' => 'server.crt',
|
||||
|
||||
/*
|
||||
* Authentication source to use. Must be one that is configured in
|
||||
* 'config/authsources.php'.
|
||||
*/
|
||||
'auth' => 'example-userpass',
|
||||
);
|
||||
|
||||
?>
|
|
@ -1,18 +1,13 @@
|
|||
<?php
|
||||
/**
|
||||
* SAML 2.0 Meta data for simpleSAMLphp
|
||||
*
|
||||
*
|
||||
/**
|
||||
* SAML 1.1 remote IdP metadata for simpleSAMLphp.
|
||||
*
|
||||
* Remember to remove the IdPs you don't use from this file.
|
||||
*
|
||||
* See: https://rnd.feide.no/content/idp-remote-metadata-reference
|
||||
*/
|
||||
|
||||
|
||||
$metadata = array(
|
||||
'theproviderid-of-the-idp' => array(
|
||||
'SingleSignOnService' => 'https://idp.example.org/shibboleth-idp/SSO',
|
||||
'certFingerprint' => 'c7279a9f28f11380509e072441e3dc55fb9ab864'
|
||||
)
|
||||
$metadata['theproviderid-of-the-idp'] = array(
|
||||
'SingleSignOnService' => 'https://idp.example.org/shibboleth-idp/SSO',
|
||||
'certFingerprint' => 'c7279a9f28f11380509e072441e3dc55fb9ab864',
|
||||
);
|
||||
|
||||
?>
|
|
@ -1,18 +1,13 @@
|
|||
<?php
|
||||
/*
|
||||
* SAML 2.0 Meta data for simpleSAMLphp
|
||||
/**
|
||||
* SAML 1.1 SP configuration for simpleSAMLphp.
|
||||
*
|
||||
* See: https://rnd.feide.no/content/sp-hosted-metadata-reference
|
||||
*/
|
||||
|
||||
$metadata = array(
|
||||
|
||||
/*
|
||||
* Example of hosted Shibboleth 1.3 SP.
|
||||
*/
|
||||
'__DYNAMIC:1__' => array(
|
||||
'host' => '__DEFAULT__'
|
||||
)
|
||||
|
||||
/*
|
||||
* Example of hosted Shibboleth 1.3 SP.
|
||||
*/
|
||||
$metadata['__DYNAMIC:1__'] = array(
|
||||
'host' => '__DEFAULT__',
|
||||
);
|
||||
|
||||
?>
|
|
@ -1,36 +1,24 @@
|
|||
<?php
|
||||
/*
|
||||
* Shibboleth 1.3 Meta data for simpleSAMLphp
|
||||
*
|
||||
*
|
||||
*
|
||||
/**
|
||||
* SAML 1.1 remote SP metadata for simpleSAMLphp.
|
||||
*
|
||||
* See: https://rnd.feide.no/content/sp-remote-metadata-reference
|
||||
*/
|
||||
|
||||
|
||||
$metadata = array(
|
||||
|
||||
'https://sp.shiblab.feide.no' => array(
|
||||
'AssertionConsumerService' => 'http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST',
|
||||
'audience' => 'urn:mace:feide:shiblab',
|
||||
'base64attributes' => false
|
||||
),
|
||||
'urn:geant:edugain:component:be:switchaai-test:central' => array(
|
||||
'AssertionConsumerService' => 'https://edugain-login.switch.ch/ShiBE-R/WebSSOResponseListener',
|
||||
'audience' => 'urn:geant:edugain:component:be:switchaai-test:central',
|
||||
'base64attributes' => false
|
||||
),
|
||||
'urn:geant:edugain:component:be:rediris:rediris.es' => array(
|
||||
'AssertionConsumerService' => 'http://serrano.rediris.es:8080/PAPIWebSSOResponseListener/request',
|
||||
'audience' => 'urn:geant:edugain:component:be:rediris:rediris.es',
|
||||
'base64attributes' => false
|
||||
),
|
||||
'https://skjak.uninett.no/shibboleth/target' => array(
|
||||
'AssertionConsumerService' => 'https://skjak.uninett.no/Shibboleth.shire',
|
||||
'audience' => 'https://skjak.uninett.no/shibboleth/target',
|
||||
'base64attributes' => false
|
||||
)
|
||||
|
||||
$metadata['https://sp.shiblab.feide.no'] = array(
|
||||
'AssertionConsumerService' => 'http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST',
|
||||
'audience' => 'urn:mace:feide:shiblab',
|
||||
'base64attributes' => FALSE,
|
||||
);
|
||||
|
||||
?>
|
||||
$metadata['urn:geant:edugain:component:be:switchaai-test:central'] = array(
|
||||
'AssertionConsumerService' => 'https://edugain-login.switch.ch/ShiBE-R/WebSSOResponseListener',
|
||||
'audience' => 'urn:geant:edugain:component:be:switchaai-test:central',
|
||||
'base64attributes' => FALSE,
|
||||
);
|
||||
|
||||
$metadata['urn:geant:edugain:component:be:rediris:rediris.es'] = array(
|
||||
'AssertionConsumerService' => 'http://serrano.rediris.es:8080/PAPIWebSSOResponseListener/request',
|
||||
'audience' => 'urn:geant:edugain:component:be:rediris:rediris.es',
|
||||
'base64attributes' => FALSE,
|
||||
);
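Review bot: Two of the SP entries carried into the new format use plain-HTTP `AssertionConsumerService` URLs (`http://sp.shiblab.feide.no/Shibboleth.sso/SAML/POST` and `http://serrano.rediris.es:8080/PAPIWebSSOResponseListener/request`), so a response posted to them is not protected in transit. Since the commit rewrites every entry anyway, either drop these from the template or mark them, for example `/* Example only: plain-HTTP ACS, assertions sent here are not protected by TLS. */`. Judging by the hunk counts and the entries shown, the `https://skjak.uninett.no/shibboleth/target` entry appears to be removed, which the commit message does not mention; a word on that in the description would help.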
|
||||
|
|
|
@ -1,11 +1,9 @@
|
|||
<?php
|
||||
/**
|
||||
* WS-Federation remote IdP metadata for simpleSAMLphp.
|
||||
*/
|
||||
|
||||
$metadata = array(
|
||||
|
||||
'urn:federation:pingfederate:localhost' => array(
|
||||
'prp' => 'https://localhost:9031/idp/prp.wsf',
|
||||
'certificate' => 'pingfed-localhost.pem',
|
||||
),
|
||||
$metadata['urn:federation:pingfederate:localhost'] = array(
|
||||
'prp' => 'https://localhost:9031/idp/prp.wsf',
|
||||
'certificate' => 'pingfed-localhost.pem',
|
||||
);
|
||||
|
||||
?>
|
||||
|
|
|
@ -1,20 +1,11 @@
|
|||
<?php
|
||||
/*
|
||||
* WS-Federation Meta data for simpleSAMLphp
|
||||
*
|
||||
* The WS-Federation SP Hosted config is used by the WS-Federation SP to identify itself.
|
||||
/**
|
||||
* WS-Federation SP configuration for simpleSAMLphp.
|
||||
*
|
||||
* Required fields:
|
||||
* - host
|
||||
*/
|
||||
|
||||
$metadata = array(
|
||||
/*
|
||||
* Example of a hosted SP
|
||||
*/
|
||||
'__DYNAMIC:1__' => array(
|
||||
'host' => '__DEFAULT__'
|
||||
)
|
||||
$metadata['__DYNAMIC:1__'] = array(
|
||||
'host' => '__DEFAULT__',
|
||||
);
|
||||
|
||||
?>
|
||||
|
|