Metadata SAML 2.0 IdP

Berikut ini adalah SimpleSAMLphp metadata yang telah digenerate untuk Anda. Anda dapat mengirim dokumen metadata ini kepada rekan yang dipercayai untuk mensetup federasi terpercaya.

Anda dapat mendapatkan xml metadata pada URL tersendiri:

https://googleidp.sanren.ac.za/simplesaml/saml2/idp/metadata.php

Metadata

Dalam format XML Metadata SAML 2.0

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://googleidp.sanren.ac.za/simplesaml/saml2/idp/metadata.php">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sanren.ac.za</shibmd:Scope>
      <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csir.co.za</shibmd:Scope>
      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <mdui:DisplayName xml:lang="en">SANReN Competency Area</mdui:DisplayName>
        <mdui:Description xml:lang="en">To authenticate SANReN Competency Area staff</mdui:Description>
        <mdui:InformationURL xml:lang="en">http://www.sanren.ac.za</mdui:InformationURL>
      </mdui:UIInfo>
      <mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <mdui:IPHint>146.64.0.0/16</mdui:IPHint>
        <mdui:DomainHint>sanren.ac.za</mdui:DomainHint>
        <mdui:DomainHint>csir.co.za</mdui:DomainHint>
        <mdui:GeolocationHint>geo:-25.755799,28.2749455;u=50</mdui:GeolocationHint>
      </mdui:DiscoHints>
    </md:Extensions>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDBDCCAewCCQCSnXYfQItNdjANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJaQTEUMBIGA1UECgwLQ1NJUiBTQU5SZU4xHzAdBgNVBAMMFmdvb2dsZWlkcC5zYW5yZW4uYWMuemEwHhcNMTgwNjE0MDY0ODQ1WhcNMjgwNjEzMDY0ODQ1WjBEMQswCQYDVQQGEwJaQTEUMBIGA1UECgwLQ1NJUiBTQU5SZU4xHzAdBgNVBAMMFmdvb2dsZWlkcC5zYW5yZW4uYWMuemEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOMgXJN5C+cYpsTialdRL52x6bqkWp4TJaTT3fyYJE1AzpkmDyXV/Np939oVDifi+gs3iRg/RzFYvljuI7yUabwYY0WeoktVj9Di3H4B96k/a7VYj9dS/3YbV8VE9DPRixGzqKv3G1/lAF+uxd85yPl0Mutn0+0FEGiKeGR/o3Dy3RPSfWOvMvc2GhcAEW83LLDPDUppIZrHI6GryqoLvKVcuXs4+CLP5+qc81FNlJSj65X8P1yyGyV9lwuxraSXe2HFOgyAN4ZrS2MTQmi9Ttb8q3Wqstq02Ugx1ZwXfXSEAFnaEaUf9l6EOC4vmTCtlEr0+SGVFscFKN/AMbEqNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJC3P44IodWKHwt2uPmSS33cA8rbTQR9L+j69TbvJ0lvjJ6utbdXCVysnMnRYsY68cl9kGK0a+Yxf3FqekH5V5mUcuQCgQIFxfqDX8udu/BzoFJ8XJWWZ/RYYY/FOeE8Y8y9hz9bS2MXhzgV7fsZfDPRfzrAxzokD3TNOTrIpeNxA9ccJoguHMnp1k/KWlv0Ij4IjHDGKIG4NZcLWW/CUNdYu5WHzpzgj0Y+gOaVZsofhMakpLuYWwQhioH9jW5SF+1jHIWPSfxd8PWLYiq5pOKGO8CHhq6C07fPS6ngkiyQiXI5pdUqMxUUd86GmVuJ3fUk/+PW0InXcsl7eaUlLbY=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDBDCCAewCCQCSnXYfQItNdjANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJaQTEUMBIGA1UECgwLQ1NJUiBTQU5SZU4xHzAdBgNVBAMMFmdvb2dsZWlkcC5zYW5yZW4uYWMuemEwHhcNMTgwNjE0MDY0ODQ1WhcNMjgwNjEzMDY0ODQ1WjBEMQswCQYDVQQGEwJaQTEUMBIGA1UECgwLQ1NJUiBTQU5SZU4xHzAdBgNVBAMMFmdvb2dsZWlkcC5zYW5yZW4uYWMuemEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOMgXJN5C+cYpsTialdRL52x6bqkWp4TJaTT3fyYJE1AzpkmDyXV/Np939oVDifi+gs3iRg/RzFYvljuI7yUabwYY0WeoktVj9Di3H4B96k/a7VYj9dS/3YbV8VE9DPRixGzqKv3G1/lAF+uxd85yPl0Mutn0+0FEGiKeGR/o3Dy3RPSfWOvMvc2GhcAEW83LLDPDUppIZrHI6GryqoLvKVcuXs4+CLP5+qc81FNlJSj65X8P1yyGyV9lwuxraSXe2HFOgyAN4ZrS2MTQmi9Ttb8q3Wqstq02Ugx1ZwXfXSEAFnaEaUf9l6EOC4vmTCtlEr0+SGVFscFKN/AMbEqNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJC3P44IodWKHwt2uPmSS33cA8rbTQR9L+j69TbvJ0lvjJ6utbdXCVysnMnRYsY68cl9kGK0a+Yxf3FqekH5V5mUcuQCgQIFxfqDX8udu/BzoFJ8XJWWZ/RYYY/FOeE8Y8y9hz9bS2MXhzgV7fsZfDPRfzrAxzokD3TNOTrIpeNxA9ccJoguHMnp1k/KWlv0Ij4IjHDGKIG4NZcLWW/CUNdYu5WHzpzgj0Y+gOaVZsofhMakpLuYWwQhioH9jW5SF+1jHIWPSfxd8PWLYiq5pOKGO8CHhq6C07fPS6ngkiyQiXI5pdUqMxUUd86GmVuJ3fUk/+PW0InXcsl7eaUlLbY=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://googleidp.sanren.ac.za/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://googleidp.sanren.ac.za/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">Council for Scientific and Industrial Research</md:OrganizationName>
    <md:OrganizationName xml:lang="af">Wetenskaplike en Nywerheidnavorsingsraad</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">SANReN Competency Area</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">http://www.sanren.ac.za/</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="support">
    <md:GivenName>SANReN Sysadmins</md:GivenName>
    <md:EmailAddress>mailto:sysadmin@sanren.ac.za</md:EmailAddress>
    <md:TelephoneNumber>+27.12.841.2308</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="technical">
    <md:GivenName>SANReN Sysadmin Support</md:GivenName>
    <md:EmailAddress>mailto:sysadmin@sanren.ac.za</md:EmailAddress>
    <md:TelephoneNumber>+27.12.841.2308</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="other" xmlns:remd="http://refeds.org/metadata" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName>SANReN CSIRT</md:GivenName>
    <md:EmailAddress>mailto:csirt@sanren.ac.za</md:EmailAddress>
    <md:TelephoneNumber>+27.12.841.4111</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Administrators</md:GivenName>
    <md:EmailAddress>mailto:sysadmin@sanren.ac.za</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>

Dalam format file biasa SimpleSAMLphp - gunakan ini jika Anda menggunakan entiti SimpleSAMLphp pada sisi lain:

$metadata['https://googleidp.sanren.ac.za/simplesaml/saml2/idp/metadata.php'] = [
    'metadata-set' => 'saml20-idp-remote',
    'entityid' => 'https://googleidp.sanren.ac.za/simplesaml/saml2/idp/metadata.php',
    'SingleSignOnService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'https://googleidp.sanren.ac.za/simplesaml/saml2/idp/SSOService.php',
        ],
    ],
    'SingleLogoutService' => [
        [
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => 'https://googleidp.sanren.ac.za/simplesaml/saml2/idp/SingleLogoutService.php',
        ],
    ],
    'certData' => 'MIIDBDCCAewCCQCSnXYfQItNdjANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJaQTEUMBIGA1UECgwLQ1NJUiBTQU5SZU4xHzAdBgNVBAMMFmdvb2dsZWlkcC5zYW5yZW4uYWMuemEwHhcNMTgwNjE0MDY0ODQ1WhcNMjgwNjEzMDY0ODQ1WjBEMQswCQYDVQQGEwJaQTEUMBIGA1UECgwLQ1NJUiBTQU5SZU4xHzAdBgNVBAMMFmdvb2dsZWlkcC5zYW5yZW4uYWMuemEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOMgXJN5C+cYpsTialdRL52x6bqkWp4TJaTT3fyYJE1AzpkmDyXV/Np939oVDifi+gs3iRg/RzFYvljuI7yUabwYY0WeoktVj9Di3H4B96k/a7VYj9dS/3YbV8VE9DPRixGzqKv3G1/lAF+uxd85yPl0Mutn0+0FEGiKeGR/o3Dy3RPSfWOvMvc2GhcAEW83LLDPDUppIZrHI6GryqoLvKVcuXs4+CLP5+qc81FNlJSj65X8P1yyGyV9lwuxraSXe2HFOgyAN4ZrS2MTQmi9Ttb8q3Wqstq02Ugx1ZwXfXSEAFnaEaUf9l6EOC4vmTCtlEr0+SGVFscFKN/AMbEqNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJC3P44IodWKHwt2uPmSS33cA8rbTQR9L+j69TbvJ0lvjJ6utbdXCVysnMnRYsY68cl9kGK0a+Yxf3FqekH5V5mUcuQCgQIFxfqDX8udu/BzoFJ8XJWWZ/RYYY/FOeE8Y8y9hz9bS2MXhzgV7fsZfDPRfzrAxzokD3TNOTrIpeNxA9ccJoguHMnp1k/KWlv0Ij4IjHDGKIG4NZcLWW/CUNdYu5WHzpzgj0Y+gOaVZsofhMakpLuYWwQhioH9jW5SF+1jHIWPSfxd8PWLYiq5pOKGO8CHhq6C07fPS6ngkiyQiXI5pdUqMxUUd86GmVuJ3fUk/+PW0InXcsl7eaUlLbY=',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
    'OrganizationName' => [
        'en' => 'Council for Scientific and Industrial Research',
        'af' => 'Wetenskaplike en Nywerheidnavorsingsraad',
    ],
    'OrganizationDisplayName' => [
        'en' => 'SANReN Competency Area',
    ],
    'OrganizationURL' => [
        'en' => 'http://www.sanren.ac.za/',
    ],
    'scope' => [
        'sanren.ac.za',
        'csir.co.za',
    ],
    'UIInfo' => [
        'DisplayName' => [
            'en' => 'SANReN Competency Area',
        ],
        'Description' => [
            'en' => 'To authenticate SANReN Competency Area staff',
        ],
        'InformationURL' => [
            'en' => 'http://www.sanren.ac.za',
        ],
    ],
    'DiscoHints' => [
        'IPHint' => [
            '146.64.0.0/16',
        ],
        'DomainHint' => [
            'sanren.ac.za',
            'csir.co.za',
        ],
        'GeolocationHint' => [
            'geo:-25.755799,28.2749455;u=50',
        ],
    ],
    'contacts' => [
        [
            'contactType' => 'support',
            'emailAddress' => 'mailto:sysadmin@sanren.ac.za',
            'givenName' => 'SANReN Sysadmins',
            'telephoneNumber' => '+27.12.841.2308',
        ],
        [
            'contactType' => 'technical',
            'emailAddress' => 'mailto:sysadmin@sanren.ac.za',
            'givenName' => 'SANReN Sysadmin Support',
            'telephoneNumber' => '+27.12.841.2308',
        ],
        [
            'contactType' => 'other',
            'emailAddress' => 'mailto:csirt@sanren.ac.za',
            'givenName' => 'SANReN CSIRT',
            'telephoneNumber' => '+27.12.841.4111',
            'attributes' => [
                'xmlns:remd' => 'http://refeds.org/metadata',
                'remd:contactType' => 'http://refeds.org/metadata/contactType/security',
            ],
        ],
        [
            'emailAddress' => 'sysadmin@sanren.ac.za',
            'contactType' => 'technical',
            'givenName' => 'Administrators',
        ],
    ],
];

Sertifikat

Download sertifikat X509 sebagai file dikodekan-PEM.

idp.crt