SAML 2.0 IdP Metadata
Here is the metadata that SimpleSAMLphp has generated for you. You may send this metadata document to trusted partners to setup a trusted federation.
You can get the metadata xml on a dedicated URL:
https://login.ktu.lt/simplesaml/saml2/idp/metadata.php
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://login.ktu.lt/simplesaml/saml2/idp/metadata.php"> <md:Extensions> <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://macedir.org/entity-category-support" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://refeds.org/category/research-and-scholarship</saml:AttributeValue> <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue> </saml:Attribute> <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">https://refeds.org/sirtfi</saml:AttributeValue> </saml:Attribute> </mdattr:EntityAttributes> <mdrpi:RegistrationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" registrationAuthority="https://fedi.litnet.lt" registrationInstant="2014-05-01T11:00:03Z"> <mdrpi:RegistrationPolicy xml:lang="en">https://fedi.litnet.lt/en</mdrpi:RegistrationPolicy> <mdrpi:RegistrationPolicy xml:lang="lt">https://fedi.litnet.lt/lt</mdrpi:RegistrationPolicy> </mdrpi:RegistrationInfo> </md:Extensions> <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:Extensions> <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ktu.lt</shibmd:Scope> </md:Extensions> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIElTCCA32gAwIBAgIJALYznSATuns+MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0MB4XDTE0MDgwNDEzMDY0MFoXDTI0MDgwMzEzMDY0MFowgY0xCzAJBgNVBAYTAkxUMQ8wDQYDVQQIEwZLYXVuYXMxDzANBgNVBAcTBkthdW5hczEqMCgGA1UEChMhS2F1bm8gdGVjaG5vbG9naWpvcyB1bml2ZXJzaXRldGFzMRUwEwYDVQQDEwxsb2dpbi5rdHUubHQxGTAXBgkqhkiG9w0BCQEWCnNzb0BrdHUubHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3YT9UZdS87hoUW2O+nElhco6e1mSJnCVfDXliqaOAv421+khPEqJuKeL1pCeDNHpSlcbVlmdNiwb3SZGUxaXoenTFxaqCZPV09Ggny5f9YBkEzaDOJpB3yGfvbhyrmoRM6zeziATUJiHcns395XuJwd2nwbkNGwY4u4BO7ennVZeQR2r9GOyL+yz3Kly+q8YhIEw0DBXYoPXKhfHBr+otszV9CRXCgnDgVQ7lqqMbxJiK/n7skd1WLRjxxIuTBh3UfTSKmmy3RqwA/NlUYl5Uh42GFE/D0UlKYwzNoBjsV7QXkkmMf8vUiy/x7Tj6PM4zsg716AOafJCPESSuKQJAgMBAAGjgfUwgfIwHQYDVR0OBBYEFMCp68JzkZdFKWHkjPn0XTCo98WhMIHCBgNVHSMEgbowgbeAFMCp68JzkZdFKWHkjPn0XTCo98WhoYGTpIGQMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0ggkAtjOdIBO6ez4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAdpZ936wIu3ArrlB0/+RL5FreCZnnXhvxSOGWUZzrzq143BXnClnd/i9oZMMz5C4apRk6f7USWQZFeYrzSb8dpSjgJUYXPcCT5REf+u2aMOoPtmwGGg+zkQKY18WZYC3BW4LPwzNocH3YYBhPrxTkKX/d+xjGM9/b0yOCwdJjj0BlwXq5unq0LIK49aSIyuHwA23d+drva9TON936JL4SEqchA2hbnws1elOJNIiykHUJfKqYy/dY9rqRSx+Hf8gsa2TNLU3sl57neVdLF6p6w/3g4mjB111B4U382kXULKO7Y+J1uffkJ71sGBdRWsvH09i0ReJWzbWxAtF2jtzfkw==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIElTCCA32gAwIBAgIJALYznSATuns+MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0MB4XDTE0MDgwNDEzMDY0MFoXDTI0MDgwMzEzMDY0MFowgY0xCzAJBgNVBAYTAkxUMQ8wDQYDVQQIEwZLYXVuYXMxDzANBgNVBAcTBkthdW5hczEqMCgGA1UEChMhS2F1bm8gdGVjaG5vbG9naWpvcyB1bml2ZXJzaXRldGFzMRUwEwYDVQQDEwxsb2dpbi5rdHUubHQxGTAXBgkqhkiG9w0BCQEWCnNzb0BrdHUubHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3YT9UZdS87hoUW2O+nElhco6e1mSJnCVfDXliqaOAv421+khPEqJuKeL1pCeDNHpSlcbVlmdNiwb3SZGUxaXoenTFxaqCZPV09Ggny5f9YBkEzaDOJpB3yGfvbhyrmoRM6zeziATUJiHcns395XuJwd2nwbkNGwY4u4BO7ennVZeQR2r9GOyL+yz3Kly+q8YhIEw0DBXYoPXKhfHBr+otszV9CRXCgnDgVQ7lqqMbxJiK/n7skd1WLRjxxIuTBh3UfTSKmmy3RqwA/NlUYl5Uh42GFE/D0UlKYwzNoBjsV7QXkkmMf8vUiy/x7Tj6PM4zsg716AOafJCPESSuKQJAgMBAAGjgfUwgfIwHQYDVR0OBBYEFMCp68JzkZdFKWHkjPn0XTCo98WhMIHCBgNVHSMEgbowgbeAFMCp68JzkZdFKWHkjPn0XTCo98WhoYGTpIGQMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0ggkAtjOdIBO6ez4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAdpZ936wIu3ArrlB0/+RL5FreCZnnXhvxSOGWUZzrzq143BXnClnd/i9oZMMz5C4apRk6f7USWQZFeYrzSb8dpSjgJUYXPcCT5REf+u2aMOoPtmwGGg+zkQKY18WZYC3BW4LPwzNocH3YYBhPrxTkKX/d+xjGM9/b0yOCwdJjj0BlwXq5unq0LIK49aSIyuHwA23d+drva9TON936JL4SEqchA2hbnws1elOJNIiykHUJfKqYy/dY9rqRSx+Hf8gsa2TNLU3sl57neVdLF6p6w/3g4mjB111B4U382kXULKO7Y+J1uffkJ71sGBdRWsvH09i0ReJWzbWxAtF2jtzfkw==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.ktu.lt/simplesaml/saml2/idp/SingleLogoutService.php"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php"/> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php"/> </md:IDPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en">Kaunas University of Technology</md:OrganizationName> <md:OrganizationName xml:lang="lt">Kauno technologijos universitetas</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en">Kaunas University of Technology</md:OrganizationDisplayName> <md:OrganizationDisplayName xml:lang="lt">Kauno technologijos universitetas</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en">https://ktu.edu</md:OrganizationURL> <md:OrganizationURL xml:lang="lt">https://en.ktu.edu/</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="other" xmlns:remd="http://refeds.org/metadata" remd:contactType="http://refeds.org/metadata/contactType/security"> <md:GivenName>Litnet</md:GivenName> <md:SurName>CERT</md:SurName> <md:EmailAddress>mailto:cert@litnet.lt</md:EmailAddress> </md:ContactPerson> <md:ContactPerson contactType="technical"> <md:GivenName>KTU</md:GivenName> <md:SurName>SSO</md:SurName> <md:EmailAddress>sso@ktu.lt</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:
$metadata['https://login.ktu.lt/simplesaml/saml2/idp/metadata.php'] = array ( 'metadata-set' => 'saml20-idp-remote', 'entityid' => 'https://login.ktu.lt/simplesaml/saml2/idp/metadata.php', 'SingleSignOnService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php', ), 1 => array ( 'index' => 0, 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP', 'Location' => 'https://login.ktu.lt/simplesaml/saml2/idp/SSOService.php', ), ), 'SingleLogoutService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://login.ktu.lt/simplesaml/saml2/idp/SingleLogoutService.php', ), ), 'certData' => 'MIIElTCCA32gAwIBAgIJALYznSATuns+MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0MB4XDTE0MDgwNDEzMDY0MFoXDTI0MDgwMzEzMDY0MFowgY0xCzAJBgNVBAYTAkxUMQ8wDQYDVQQIEwZLYXVuYXMxDzANBgNVBAcTBkthdW5hczEqMCgGA1UEChMhS2F1bm8gdGVjaG5vbG9naWpvcyB1bml2ZXJzaXRldGFzMRUwEwYDVQQDEwxsb2dpbi5rdHUubHQxGTAXBgkqhkiG9w0BCQEWCnNzb0BrdHUubHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3YT9UZdS87hoUW2O+nElhco6e1mSJnCVfDXliqaOAv421+khPEqJuKeL1pCeDNHpSlcbVlmdNiwb3SZGUxaXoenTFxaqCZPV09Ggny5f9YBkEzaDOJpB3yGfvbhyrmoRM6zeziATUJiHcns395XuJwd2nwbkNGwY4u4BO7ennVZeQR2r9GOyL+yz3Kly+q8YhIEw0DBXYoPXKhfHBr+otszV9CRXCgnDgVQ7lqqMbxJiK/n7skd1WLRjxxIuTBh3UfTSKmmy3RqwA/NlUYl5Uh42GFE/D0UlKYwzNoBjsV7QXkkmMf8vUiy/x7Tj6PM4zsg716AOafJCPESSuKQJAgMBAAGjgfUwgfIwHQYDVR0OBBYEFMCp68JzkZdFKWHkjPn0XTCo98WhMIHCBgNVHSMEgbowgbeAFMCp68JzkZdFKWHkjPn0XTCo98WhoYGTpIGQMIGNMQswCQYDVQQGEwJMVDEPMA0GA1UECBMGS2F1bmFzMQ8wDQYDVQQHEwZLYXVuYXMxKjAoBgNVBAoTIUthdW5vIHRlY2hub2xvZ2lqb3MgdW5pdmVyc2l0ZXRhczEVMBMGA1UEAxMMbG9naW4ua3R1Lmx0MRkwFwYJKoZIhvcNAQkBFgpzc29Aa3R1Lmx0ggkAtjOdIBO6ez4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAdpZ936wIu3ArrlB0/+RL5FreCZnnXhvxSOGWUZzrzq143BXnClnd/i9oZMMz5C4apRk6f7USWQZFeYrzSb8dpSjgJUYXPcCT5REf+u2aMOoPtmwGGg+zkQKY18WZYC3BW4LPwzNocH3YYBhPrxTkKX/d+xjGM9/b0yOCwdJjj0BlwXq5unq0LIK49aSIyuHwA23d+drva9TON936JL4SEqchA2hbnws1elOJNIiykHUJfKqYy/dY9rqRSx+Hf8gsa2TNLU3sl57neVdLF6p6w/3g4mjB111B4U382kXULKO7Y+J1uffkJ71sGBdRWsvH09i0ReJWzbWxAtF2jtzfkw==', 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', 'OrganizationName' => array ( 'en' => 'Kaunas University of Technology', 'lt' => 'Kauno technologijos universitetas', ), 'OrganizationDisplayName' => array ( 'en' => 'Kaunas University of Technology', 'lt' => 'Kauno technologijos universitetas', ), 'OrganizationURL' => array ( 'en' => 'https://ktu.edu', 'lt' => 'https://en.ktu.edu/', ), 'scope' => array ( 0 => 'ktu.lt', ), 'EntityAttributes' => array ( 'http://macedir.org/entity-category-support' => array ( 0 => 'http://refeds.org/category/research-and-scholarship', 1 => 'http://www.geant.net/uri/dataprotection-code-of-conduct/v1', ), 'urn:oasis:names:tc:SAML:attribute:assurance-certification' => array ( 0 => 'https://refeds.org/sirtfi', ), ), 'UIInfo' => array ( 'DisplayName' => array ( 'en' => 'Kaunas University of Technology', 'lt' => 'Kauno technologijos universitetas', ), 'Description' => array ( 'en' => 'KTU Single Sign On', 'lt' => 'KTU vieningas prisijungimas', ), 'InformationURL' => array ( 'en' => 'http://ktu.edu', 'lt' => 'http://ktu.edu', ), 'Keywords' => array ( 'en' => array ( 0 => 'Kaunas', 1 => 'Kaunas University of Technology', ), 'lt' => array ( 0 => 'Kaunas', 1 => 'Kauno technologijos universitetas', ), ), 'Logo' => array ( 0 => array ( 'url' => 'https://tinklas.ktu.lt/images/logo/ktu_80x88.png', 'height' => 88, 'width' => 80, 'lang' => 'en', ), 1 => array ( 'url' => 'https://tinklas.ktu.lt/images/logo/ktu_80x88.png', 'height' => 88, 'width' => 80, 'lang' => 'lt', ), 2 => array ( 'url' => 'https://tinklas.ktu.lt/images/logo/ktu_16x16.png', 'height' => 16, 'width' => 16, 'lang' => 'en', ), 3 => array ( 'url' => 'https://tinklas.ktu.lt/images/logo/ktu_16x16.png', 'height' => 16, 'width' => 16, 'lang' => 'lt', ), ), ), 'DiscoHints' => array ( 'IPHint' => array ( 0 => '158.129.0.0/19', 1 => '158.129.32.0/21', 2 => '83.171.8.0/22', 3 => '83.171.15.0/24', 4 => '83.171.18.0/23', 5 => '83.171.20.0/24', 6 => '193.219.32.0/22', 7 => '193.219.36.0/24', 8 => '193.219.61.0/24', 9 => '193.219.63.0/24', 10 => '193.219.66.0/23', 11 => '193.219.68.0/22', 12 => '193.219.74.0/24', 13 => '193.219.154.0/24', 14 => '193.219.156.0/22', 15 => '193.219.160.0/24', 16 => '193.219.170.0/23', 17 => '193.219.174.0/23', 18 => '193.219.176.0/25', 19 => '193.219.184.0/24', 20 => '2001:778:200::/48', ), 'DomainHint' => array ( 0 => 'ktu.lt', 1 => 'ktu.edu', ), 'GeolocationHint' => array ( 0 => 'geo:54.898986,23.912564', 1 => 'geo:54.899057,23.917424', 2 => 'geo:54.898912,23.921925', 3 => 'geo:54.905337,23.951043', 4 => 'geo:54.905435,23.956579', 5 => 'geo:54.901102,23.960211', ), ), 'RegistrationInfo' => array ( 'authority' => 'https://fedi.litnet.lt', 'instant' => '2014-05-01T11:00:03.577Z', 'policies' => array ( 'en' => 'https://fedi.litnet.lt/en', 'lt' => 'https://fedi.litnet.lt/lt', ), ), 'contacts' => array ( 0 => array ( 'contactType' => 'other', 'givenName' => 'Litnet', 'surName' => 'CERT', 'emailAddress' => 'mailto:cert@litnet.lt', 'attributes' => array ( 'xmlns:remd' => 'http://refeds.org/metadata', 'remd:contactType' => 'http://refeds.org/metadata/contactType/security', ), ), 1 => array ( 'emailAddress' => 'sso@ktu.lt', 'contactType' => 'technical', 'givenName' => 'KTU', 'surName' => 'SSO', ), ), );
Certificates
Download the X509 certificates as PEM-encoded files.
Copyright © 2015 KTU ITD