SAML 2.0 IdP Metadata
Here is the metadata that SimpleSAMLphp has generated for you. You may send this metadata document to trusted partners to setup a trusted federation.
You can get the metadata xml on a dedicated URL:
https://login.ktu.lt/simplesaml/saml2/idp/metadata.php
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://login.ktu.lt/simplesaml/saml2/idp/metadata.php">
<md:Extensions>
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category-support" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">https://refeds.org/sirtfi</saml:AttributeValue>
</saml:Attribute>
</mdattr:EntityAttributes>
<mdrpi:RegistrationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" registrationAuthority="https://fedi.litnet.lt" registrationInstant="2014-05-01T11:00:03Z">
<mdrpi:RegistrationPolicy xml:lang="en">https://fedi.litnet.lt/en</mdrpi:RegistrationPolicy>
<mdrpi:RegistrationPolicy xml:lang="lt">https://fedi.litnet.lt/lt</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
</md:Extensions>
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ktu.lt</shibmd:Scope>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIElTCCA32gAwIBAgIJALYznSATuns+MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0MB4XDTE0MDgwNDEzMDY0MFoXDTI0MDgwMzEzMDY0MFowgY0xCzAJBgNVBAYTAkxUMQ8wDQYDVQQIEwZLYXVuYXMxDzANBgNVBAcTBkthdW5hczEqMCgGA1UEChMhS2F1bm8gdGVjaG5vbG9naWpvcyB1bml2ZXJzaXRldGFzMRUwEwYDVQQDEwxsb2dpbi5rdHUubHQxGTAXBgkqhkiG9w0BCQEWCnNzb0BrdHUubHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3YT9UZdS87hoUW2O+nElhco6e1mSJnCVfDXliqaOAv421+khPEqJuKeL1pCeDNHpSlcbVlmdNiwb3SZGUxaXoenTFxaqCZPV09Ggny5f9YBkEzaDOJpB3yGfvbhyrmoRM6zeziATUJiHcns395XuJwd2nwbkNGwY4u4BO7ennVZeQR2r9GOyL+yz3Kly+q8YhIEw0DBXYoPXKhfHBr+otszV9CRXCgnDgVQ7lqqMbxJiK/n7skd1WLRjxxIuTBh3UfTSKmmy3RqwA/NlUYl5Uh42GFE/D0UlKYwzNoBjsV7QXkkmMf8vUiy/x7Tj6PM4zsg716AOafJCPESSuKQJAgMBAAGjgfUwgfIwHQYDVR0OBBYEFMCp68JzkZdFKWHkjPn0XTCo98WhMIHCBgNVHSMEgbowgbeAFMCp68JzkZdFKWHkjPn0XTCo98WhoYGTpIGQMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0ggkAtjOdIBO6ez4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAdpZ936wIu3ArrlB0/+RL5FreCZnnXhvxSOGWUZzrzq143BXnClnd/i9oZMMz5C4apRk6f7USWQZFeYrzSb8dpSjgJUYXPcCT5REf+u2aMOoPtmwGGg+zkQKY18WZYC3BW4LPwzNocH3YYBhPrxTkKX/d+xjGM9/b0yOCwdJjj0BlwXq5unq0LIK49aSIyuHwA23d+drva9TON936JL4SEqchA2hbnws1elOJNIiykHUJfKqYy/dY9rqRSx+Hf8gsa2TNLU3sl57neVdLF6p6w/3g4mjB111B4U382kXULKO7Y+J1uffkJ71sGBdRWsvH09i0ReJWzbWxAtF2jtzfkw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIElTCCA32gAwIBAgIJALYznSATuns+MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0MB4XDTE0MDgwNDEzMDY0MFoXDTI0MDgwMzEzMDY0MFowgY0xCzAJBgNVBAYTAkxUMQ8wDQYDVQQIEwZLYXVuYXMxDzANBgNVBAcTBkthdW5hczEqMCgGA1UEChMhS2F1bm8gdGVjaG5vbG9naWpvcyB1bml2ZXJzaXRldGFzMRUwEwYDVQQDEwxsb2dpbi5rdHUubHQxGTAXBgkqhkiG9w0BCQEWCnNzb0BrdHUubHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3YT9UZdS87hoUW2O+nElhco6e1mSJnCVfDXliqaOAv421+khPEqJuKeL1pCeDNHpSlcbVlmdNiwb3SZGUxaXoenTFxaqCZPV09Ggny5f9YBkEzaDOJpB3yGfvbhyrmoRM6zeziATUJiHcns395XuJwd2nwbkNGwY4u4BO7ennVZeQR2r9GOyL+yz3Kly+q8YhIEw0DBXYoPXKhfHBr+otszV9CRXCgnDgVQ7lqqMbxJiK/n7skd1WLRjxxIuTBh3UfTSKmmy3RqwA/NlUYl5Uh42GFE/D0UlKYwzNoBjsV7QXkkmMf8vUiy/x7Tj6PM4zsg716AOafJCPESSuKQJAgMBAAGjgfUwgfIwHQYDVR0OBBYEFMCp68JzkZdFKWHkjPn0XTCo98WhMIHCBgNVHSMEgbowgbeAFMCp68JzkZdFKWHkjPn0XTCo98WhoYGTpIGQMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0ggkAtjOdIBO6ez4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAdpZ936wIu3ArrlB0/+RL5FreCZnnXhvxSOGWUZzrzq143BXnClnd/i9oZMMz5C4apRk6f7USWQZFeYrzSb8dpSjgJUYXPcCT5REf+u2aMOoPtmwGGg+zkQKY18WZYC3BW4LPwzNocH3YYBhPrxTkKX/d+xjGM9/b0yOCwdJjj0BlwXq5unq0LIK49aSIyuHwA23d+drva9TON936JL4SEqchA2hbnws1elOJNIiykHUJfKqYy/dY9rqRSx+Hf8gsa2TNLU3sl57neVdLF6p6w/3g4mjB111B4U382kXULKO7Y+J1uffkJ71sGBdRWsvH09i0ReJWzbWxAtF2jtzfkw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.ktu.lt/simplesaml/saml2/idp/SingleLogoutService.php"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php"/>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">Kaunas University of Technology</md:OrganizationName>
<md:OrganizationName xml:lang="lt">Kauno technologijos universitetas</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">Kaunas University of Technology</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="lt">Kauno technologijos universitetas</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://ktu.edu</md:OrganizationURL>
<md:OrganizationURL xml:lang="lt">https://en.ktu.edu/</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="other" xmlns:remd="http://refeds.org/metadata" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:GivenName>Litnet</md:GivenName>
<md:SurName>CERT</md:SurName>
<md:EmailAddress>mailto:cert@litnet.lt</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:GivenName>KTU</md:GivenName>
<md:SurName>SSO</md:SurName>
<md:EmailAddress>sso@ktu.lt</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:
$metadata['https://login.ktu.lt/simplesaml/saml2/idp/metadata.php'] = array (
'metadata-set' => 'saml20-idp-remote',
'entityid' => 'https://login.ktu.lt/simplesaml/saml2/idp/metadata.php',
'SingleSignOnService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php',
),
1 =>
array (
'index' => 0,
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
'Location' => 'https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php',
),
),
'SingleLogoutService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.ktu.lt/simplesaml/saml2/idp/SingleLogoutService.php',
),
),
'certData' => 'MIIElTCCA32gAwIBAgIJALYznSATuns+MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0MB4XDTE0MDgwNDEzMDY0MFoXDTI0MDgwMzEzMDY0MFowgY0xCzAJBgNVBAYTAkxUMQ8wDQYDVQQIEwZLYXVuYXMxDzANBgNVBAcTBkthdW5hczEqMCgGA1UEChMhS2F1bm8gdGVjaG5vbG9naWpvcyB1bml2ZXJzaXRldGFzMRUwEwYDVQQDEwxsb2dpbi5rdHUubHQxGTAXBgkqhkiG9w0BCQEWCnNzb0BrdHUubHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3YT9UZdS87hoUW2O+nElhco6e1mSJnCVfDXliqaOAv421+khPEqJuKeL1pCeDNHpSlcbVlmdNiwb3SZGUxaXoenTFxaqCZPV09Ggny5f9YBkEzaDOJpB3yGfvbhyrmoRM6zeziATUJiHcns395XuJwd2nwbkNGwY4u4BO7ennVZeQR2r9GOyL+yz3Kly+q8YhIEw0DBXYoPXKhfHBr+otszV9CRXCgnDgVQ7lqqMbxJiK/n7skd1WLRjxxIuTBh3UfTSKmmy3RqwA/NlUYl5Uh42GFE/D0UlKYwzNoBjsV7QXkkmMf8vUiy/x7Tj6PM4zsg716AOafJCPESSuKQJAgMBAAGjgfUwgfIwHQYDVR0OBBYEFMCp68JzkZdFKWHkjPn0XTCo98WhMIHCBgNVHSMEgbowgbeAFMCp68JzkZdFKWHkjPn0XTCo98WhoYGTpIGQMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0ggkAtjOdIBO6ez4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAdpZ936wIu3ArrlB0/+RL5FreCZnnXhvxSOGWUZzrzq143BXnClnd/i9oZMMz5C4apRk6f7USWQZFeYrzSb8dpSjgJUYXPcCT5REf+u2aMOoPtmwGGg+zkQKY18WZYC3BW4LPwzNocH3YYBhPrxTkKX/d+xjGM9/b0yOCwdJjj0BlwXq5unq0LIK49aSIyuHwA23d+drva9TON936JL4SEqchA2hbnws1elOJNIiykHUJfKqYy/dY9rqRSx+Hf8gsa2TNLU3sl57neVdLF6p6w/3g4mjB111B4U382kXULKO7Y+J1uffkJ71sGBdRWsvH09i0ReJWzbWxAtF2jtzfkw==',
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
'OrganizationName' =>
array (
'en' => 'Kaunas University of Technology',
'lt' => 'Kauno technologijos universitetas',
),
'OrganizationDisplayName' =>
array (
'en' => 'Kaunas University of Technology',
'lt' => 'Kauno technologijos universitetas',
),
'OrganizationURL' =>
array (
'en' => 'https://ktu.edu',
'lt' => 'https://en.ktu.edu/',
),
'scope' =>
array (
0 => 'ktu.lt',
),
'EntityAttributes' =>
array (
'http://macedir.org/entity-category-support' =>
array (
0 => 'http://refeds.org/category/research-and-scholarship',
1 => 'http://www.geant.net/uri/dataprotection-code-of-conduct/v1',
),
'urn:oasis:names:tc:SAML:attribute:assurance-certification' =>
array (
0 => 'https://refeds.org/sirtfi',
),
),
'UIInfo' =>
array (
'DisplayName' =>
array (
'en' => 'Kaunas University of Technology',
'lt' => 'Kauno technologijos universitetas',
),
'Description' =>
array (
'en' => 'KTU Single Sign On',
'lt' => 'KTU vieningas prisijungimas',
),
'InformationURL' =>
array (
'en' => 'http://ktu.edu',
'lt' => 'http://ktu.edu',
),
'Keywords' =>
array (
'en' =>
array (
0 => 'Kaunas',
1 => 'Kaunas University of Technology',
),
'lt' =>
array (
0 => 'Kaunas',
1 => 'Kauno technologijos universitetas',
),
),
'Logo' =>
array (
0 =>
array (
'url' => 'https://tinklas.ktu.lt/images/logo/ktu_80x88.png',
'height' => 88,
'width' => 80,
'lang' => 'en',
),
1 =>
array (
'url' => 'https://tinklas.ktu.lt/images/logo/ktu_80x88.png',
'height' => 88,
'width' => 80,
'lang' => 'lt',
),
2 =>
array (
'url' => 'https://tinklas.ktu.lt/images/logo/ktu_16x16.png',
'height' => 16,
'width' => 16,
'lang' => 'en',
),
3 =>
array (
'url' => 'https://tinklas.ktu.lt/images/logo/ktu_16x16.png',
'height' => 16,
'width' => 16,
'lang' => 'lt',
),
),
),
'DiscoHints' =>
array (
'IPHint' =>
array (
0 => '158.129.0.0/19',
1 => '158.129.32.0/21',
2 => '83.171.8.0/22',
3 => '83.171.15.0/24',
4 => '83.171.18.0/23',
5 => '83.171.20.0/24',
6 => '193.219.32.0/22',
7 => '193.219.36.0/24',
8 => '193.219.61.0/24',
9 => '193.219.63.0/24',
10 => '193.219.66.0/23',
11 => '193.219.68.0/22',
12 => '193.219.74.0/24',
13 => '193.219.154.0/24',
14 => '193.219.156.0/22',
15 => '193.219.160.0/24',
16 => '193.219.170.0/23',
17 => '193.219.174.0/23',
18 => '193.219.176.0/25',
19 => '193.219.184.0/24',
20 => '2001:778:200::/48',
),
'DomainHint' =>
array (
0 => 'ktu.lt',
1 => 'ktu.edu',
),
'GeolocationHint' =>
array (
0 => 'geo:54.898986,23.912564',
1 => 'geo:54.899057,23.917424',
2 => 'geo:54.898912,23.921925',
3 => 'geo:54.905337,23.951043',
4 => 'geo:54.905435,23.956579',
5 => 'geo:54.901102,23.960211',
),
),
'RegistrationInfo' =>
array (
'authority' => 'https://fedi.litnet.lt',
'instant' => '2014-05-01T11:00:03.577Z',
'policies' =>
array (
'en' => 'https://fedi.litnet.lt/en',
'lt' => 'https://fedi.litnet.lt/lt',
),
),
'contacts' =>
array (
0 =>
array (
'contactType' => 'other',
'givenName' => 'Litnet',
'surName' => 'CERT',
'emailAddress' => 'mailto:cert@litnet.lt',
'attributes' =>
array (
'xmlns:remd' => 'http://refeds.org/metadata',
'remd:contactType' => 'http://refeds.org/metadata/contactType/security',
),
),
1 =>
array (
'emailAddress' => 'sso@ktu.lt',
'contactType' => 'technical',
'givenName' => 'KTU',
'surName' => 'SSO',
),
),
);
Certificates
Download the X509 certificates as PEM-encoded files.
Copyright © 2015 KTU ITD