Refeds


Subject Request for test connection to various SAML SP software
From Andreas Åkre Solberg <andreas.solberg@xxxxxxxxxx>
Date Fri, 2 Jul 2010 11:35:36 +0200

Hi, I'm working on automated testing of SAML 2.0 SP implementations and deployments. It's by all means work in progress, and I'll provide some more information as well as put up a public service, as soon as the work is more complete.

For now check out the teaser video:

	https://rnd.feide.no/content/federation-lab-automated-saml-20-sp-compliance-testing

(ignore the text of the tests, some will be removed, some will be changed, and a bunch will be added)

What I am asking for is people that have configured various test SPs, to add metadata for my developer version of the test-tool - it will make it easier for me to work on the test-tool. Right now, I got SimpleSAMLphp SP, Shibboleth SP, mod_mellon and Ping Identity SP connected. I'm kindly asking those of you that have test installations of other implementations; in example such as:
- Sun OpenSSO
- Novell Access Manager
- Rolands python SP
- zxid
- lasso based stuff
- other...

What you should do is the following:

1) Add the metadata below to your SP trust store
2) Send me metadata of your SP
3) Send me a WAYFless URL that will initiate authn, and afterwards dump attributes, in particular content of edupersonprincipalname (using oid naming).

Thanks in advance.

< ?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; entityID="http://fedlab.bridge.feide.no/simplesaml/module.php/fedlab";>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
        <ds:X509Data>
          <ds:X509Certificate>MIIDUjCCArugAwIBAgIJAKUTNWcdpKB/MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEQMA4GA1UECxMHVU5JTkVUVDEfMB0GA1UEAxMWZmVkbGFiLmJyaWRnZS5mZWlkZS5ubzAeFw0xMDA2MjkxMzE0NThaFw0yMDA2MjgxMzE0NThaMHoxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEQMA4GA1UECxMHVU5JTkVUVDEfMB0GA1UEAxMWZmVkbGFiLmJyaWRnZS5mZWlkZS5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2D19iQV2KFG1+dz/ORZlIPnEK/EzbVDba6VBvAREmmbl89+Lint7xGcBQCi+vnyg30JCjWS/4OymGGS7i9OweHwLhihFf2lTxE9yIqdVZvX0pbgE5m+ZToHov+OO0PBP/HfYOhpXZQasN1kbWAGNDR0+fX0VqWmBpubU/hZbBdkCAwEAAaOB3zCB3DAdBgNVHQ4EFgQUslvHcZRsJm0QawJd3e6JGgz9V64wgawGA1UdIwSBpDCBoYAUslvHcZRsJm0QawJd3e6JGgz9V66hfqR8MHoxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEQMA4GA1UECxMHVU5JTkVUVDEfMB0GA1UEAxMWZmVkbGFiLmJyaWRnZS5mZWlkZS5ub4IJAKUTNWcdpKB/MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAL6R6W7ZiCZAtIDCAKz0+LMmlB+CFohqsQauD2q1BmRbpGhW9r5HJUq992UR2yrxvCb1mqLo+WbLizwXN/KnQZHa+tOu7NdQA0SgpVLWQtIPiEzShDMJZuKn9xifjHI+mtMK7S7/sI8kkapgzIij69vbbdS82os0CgChFoYpC8Ak=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
        <ds:X509Data>
          <ds:X509Certificate>MIIDUjCCArugAwIBAgIJAKUTNWcdpKB/MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEQMA4GA1UECxMHVU5JTkVUVDEfMB0GA1UEAxMWZmVkbGFiLmJyaWRnZS5mZWlkZS5ubzAeFw0xMDA2MjkxMzE0NThaFw0yMDA2MjgxMzE0NThaMHoxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEQMA4GA1UECxMHVU5JTkVUVDEfMB0GA1UEAxMWZmVkbGFiLmJyaWRnZS5mZWlkZS5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2D19iQV2KFG1+dz/ORZlIPnEK/EzbVDba6VBvAREmmbl89+Lint7xGcBQCi+vnyg30JCjWS/4OymGGS7i9OweHwLhihFf2lTxE9yIqdVZvX0pbgE5m+ZToHov+OO0PBP/HfYOhpXZQasN1kbWAGNDR0+fX0VqWmBpubU/hZbBdkCAwEAAaOB3zCB3DAdBgNVHQ4EFgQUslvHcZRsJm0QawJd3e6JGgz9V64wgawGA1UdIwSBpDCBoYAUslvHcZRsJm0QawJd3e6JGgz9V66hfqR8MHoxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEQMA4GA1UECxMHVU5JTkVUVDEfMB0GA1UEAxMWZmVkbGFiLmJyaWRnZS5mZWlkZS5ub4IJAKUTNWcdpKB/MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAL6R6W7ZiCZAtIDCAKz0+LMmlB+CFohqsQauD2q1BmRbpGhW9r5HJUq992UR2yrxvCb1mqLo+WbLizwXN/KnQZHa+tOu7NdQA0SgpVLWQtIPiEzShDMJZuKn9xifjHI+mtMK7S7/sI8kkapgzIij69vbbdS82os0CgChFoYpC8Ak=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://fedlab.bridge.feide.no/simplesaml/module.php/fedlab/idp.php"/>
  </md:IDPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:SurName>Administrator</md:SurName>
    <md:EmailAddress>na@xxxxxxxxxxx</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>

Attachment: smime.p7s
Description: S/MIME cryptographic signature