From 8d00811c49ae155436570e2560b81a011034ec60 Mon Sep 17 00:00:00 2001
From: Ryan Rumbaugh <rrumbaugh@nebraska.edu>
Date: Thu, 23 Jun 2022 09:55:03 -0500
Subject: [PATCH] Update FESD for NeBIS
---
nefed.xml | 80 +++----------------------------------------------------
1 file changed, 4 insertions(+), 76 deletions(-)
diff --git a/nefed.xml b/nefed.xml
index 404c03e..7fac231 100644
--- a/nefed.xml
+++ b/nefed.xml
@@ -16807,7 +16807,7 @@ KNGked4df0r1o5CozJ35FjKx1fiYucuvGXU+UZd5Yg6sF6MRhQqud32X3eOFJXS/ndm/jGit7B6A
<EmailAddress>security@nebraska.edu</EmailAddress>
</ContactPerson>
</EntityDescriptor>
- <EntityDescriptor entityID="FESD@nebraska.edu" validUntil="2038-01-01T00:00:01Z" ID="S005056ba-6802-1eec-b68e-92c04a2b498e" xmlns:m="urn:oasis:names:tc:SAML:2.0:metadata">
+ <EntityDescriptor entityID="FESD@nebraska.edu" ID="S005056ba-6802-1eec-b68e-92c04a2b498e" xmlns:m="urn:oasis:names:tc:SAML:2.0:metadata">
<Extensions>
<mdrpi:RegistrationInfo registrationAuthority="https://nebraska.edu/nefed" />
<mdattr:EntityAttributes>
@@ -16826,26 +16826,6 @@ KNGked4df0r1o5CozJ35FjKx1fiYucuvGXU+UZd5Yg6sF6MRhQqud32X3eOFJXS/ndm/jGit7B6A
<mdui:Logo height="85" width="141" xml:lang="en"></mdui:Logo>
</mdui:UIInfo>
</Extensions>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignedInfo>
- <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <ds:Reference URI="#S005056ba-6802-1eec-b68e-92c04a2b498e">
- <ds:Transforms>
- <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- </ds:Transforms>
- <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <ds:DigestValue>thyexyT/0tpyTKn+Q25lue/TF3k=</ds:DigestValue>
- </ds:Reference>
- </ds:SignedInfo>
- <ds:SignatureValue>A1gv1dBg490fpV8N8cMgnh1qpmzbVIk1YCXDJW3d8F7mEv4m0oEl+WxMdJIGhTXtT9OiwCH9XhdZ JKLO4HOOguGT32XvnR0Ei3IEEoJY2pmCaF01j7ukpsSXA4YgnVJRSYG97sIP7Kw4PhCCq4BukALK zvLYSXhnmHjx07wUOWdbkdxaduGottl0FaiF/Lw7/qtclYAbHyK9SFfezmr+qor2tz43/uPIcbcI YVNlB8i2lhaE43bzuYsLBygnANn15CLp+6xF+sdG7dDthceR3hxkn6D4J7RuVqu8aQkusVWZUBYg t41kGYTU8fAH0bt28rEVRC/NKv8SbyTcg0WhoA==</ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIDWzCCAkMCCAogIgUZGSEBMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQK ExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDgy MDAyODM0ODEYMBYGA1UEAwwPRlNEX1NTRkFfUzJTVlBTMB4XDTIyMDUxOTE5MjEwMVoXDTM4MDEw MTAwMDAwMVowcDELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1NBUCBUcnVzdCBDb21tdW5pdHkxEzAR BgNVBAsTClNBUCBXZWIgQVMxFDASBgNVBAsTC0kwODIwMDI4MzQ4MRgwFgYDVQQDDA9GU0RfU1NG QV9TMlNWUFMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY6pkbwPSL+bcEh+tghdSV m7Bhua3M4z9/XMtqY8FESbrFTXRN8zKjSfsRMlU9AnvLe311QMQnFNKA/EA6OVtIcHCAZV1QHj+n gNL8VJMb0GiW80uOv8FXuml7BWANk5O5AsxaOBN7+Kp6fmFF21o1cpeYQdd905uBRpmsC25hJt7q 6ybhhdNSozIXZcGd8AoyIccDa6S9aLvUqcdCB6gSQtr2BQYvvKt2NPAIXcFhkPRgNWjnPMGtfKQX u1d1+w3q72RvGiPICT8LWrJge1RZ168SE62pRhq8G50fXHjWqgkCd4vLvH3GuzEKWLA2cTVi61uh XKRsgO9zjXE3lNPbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADwH69b+GUUZjeluTHkHQfcoIRt3 x7Y0jOzXuDmaba4wcde3QBaUCFAUQXnhW6qoj9d+kItFOXHLDlTQnxq4RMuv0A/hwbb6nNeC/b// tWVE9Cvu/IXQQyqNcYQFzXdpP3G9XbtLTQIZtmpKeMXcIbSmTfvs9TZ2lHA8ARmFQxybsbAVgRpz fDzZp0UbnuAf3mMpeZEGw3XY+XK2lezoBtnGzxDDBe/HrImP1PvMn/3bDaENunErjNe9nspHf22D 7xwK+zdI7aWBzOWuMLLZPIHQ90Y72b2pSG8F4ABDzgXiUipeOLkGfI3K1brXxVAO/FPZhMCmjJGG 7UQEb/8k+4Q=</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true">
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
@@ -16866,62 +16846,10 @@ KNGked4df0r1o5CozJ35FjKx1fiYucuvGXU+UZd5Yg6sF6MRhQqud32X3eOFJXS/ndm/jGit7B6A
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fesd.nebraska.edu/sap/saml2/sp/slo/005" ResponseLocation="https://fesd.nebraska.edu/sap/saml2/sp/slo/response/005" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://fesd.nebraska.edu/sap/saml2/sp/slo/005" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fesd.nebraska.edu/sap/saml2/sp/slo/005" />
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fesd.nebraska.edu/sap/saml2/sp/acs/005" index="0" isDefault="true" />
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fesd.nebraska.edu/sap/saml2/sp/acs/005" index="1" />
- <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://fesd.nebraska.edu/sap/saml2/sp/acs/005" index="2" />
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fesd.nebraska.edu/sap/saml2/sp/register/005" index="0" isDefault="true" />
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fesd.nebraska.edu/sap/saml2/sp/register/005" index="1" />
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://fesd.nebraska.edu/sap/saml2/sp/register/005" index="2" />
</SPSSODescriptor>
- <RoleDescriptor xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>MIIDWzCCAkMCCAogIgUZGSEBMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQK ExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDgy MDAyODM0ODEYMBYGA1UEAwwPRlNEX1NTRkFfUzJTVlBTMB4XDTIyMDUxOTE5MjEwMVoXDTM4MDEw MTAwMDAwMVowcDELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1NBUCBUcnVzdCBDb21tdW5pdHkxEzAR BgNVBAsTClNBUCBXZWIgQVMxFDASBgNVBAsTC0kwODIwMDI4MzQ4MRgwFgYDVQQDDA9GU0RfU1NG QV9TMlNWUFMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY6pkbwPSL+bcEh+tghdSV m7Bhua3M4z9/XMtqY8FESbrFTXRN8zKjSfsRMlU9AnvLe311QMQnFNKA/EA6OVtIcHCAZV1QHj+n gNL8VJMb0GiW80uOv8FXuml7BWANk5O5AsxaOBN7+Kp6fmFF21o1cpeYQdd905uBRpmsC25hJt7q 6ybhhdNSozIXZcGd8AoyIccDa6S9aLvUqcdCB6gSQtr2BQYvvKt2NPAIXcFhkPRgNWjnPMGtfKQX u1d1+w3q72RvGiPICT8LWrJge1RZ168SE62pRhq8G50fXHjWqgkCd4vLvH3GuzEKWLA2cTVi61uh XKRsgO9zjXE3lNPbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADwH69b+GUUZjeluTHkHQfcoIRt3 x7Y0jOzXuDmaba4wcde3QBaUCFAUQXnhW6qoj9d+kItFOXHLDlTQnxq4RMuv0A/hwbb6nNeC/b// tWVE9Cvu/IXQQyqNcYQFzXdpP3G9XbtLTQIZtmpKeMXcIbSmTfvs9TZ2lHA8ARmFQxybsbAVgRpz fDzZp0UbnuAf3mMpeZEGw3XY+XK2lezoBtnGzxDDBe/HrImP1PvMn/3bDaENunErjNe9nspHf22D 7xwK+zdI7aWBzOWuMLLZPIHQ90Y72b2pSG8F4ABDzgXiUipeOLkGfI3K1brXxVAO/FPZhMCmjJGG 7UQEb/8k+4Q=</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </KeyDescriptor>
- <KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>MIIDWzCCAkMCCAogIgUZGSEBMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQK ExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDgy MDAyODM0ODEYMBYGA1UEAwwPRlNEX1NTRkFfUzJTVlBFMB4XDTIyMDUxOTE5MjEwMVoXDTM4MDEw MTAwMDAwMVowcDELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1NBUCBUcnVzdCBDb21tdW5pdHkxEzAR BgNVBAsTClNBUCBXZWIgQVMxFDASBgNVBAsTC0kwODIwMDI4MzQ4MRgwFgYDVQQDDA9GU0RfU1NG QV9TMlNWUEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5BrMU66I/OV0NY16uMp2s AwFVQwhHl+Ub4IC/ZwhQaBFs4lleQDEORQ3yG+56adcLyzrmvMyMejwzU4HRnQZcz+O8I53j+1PT p1Wbn/Ad1phTPk7cQabYDg6QnYsihm+EGu0UbHBXdjGUl90BdnXDrrhkLqD/YsKmV+Fe0k77Yla1 ikl2hIwT4RN8ysnmGzoE6LiYQzTiWEeS8uoHcIMfgNKahFmk58mN5M6MT/oiQkOrjR1REu9Nmmvb k2ue8i41ZNq8CDrptZ39bi/uN4LrO0L/7QBzVS0edOwnB4iWldgq54XPVIQqIYW6GsQMbhnQVopW QCjb3kvExDJHncOtAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGoLqHUmr0NA+iAUazExGtl0OSE5 Iudtgj6vFJsuDt45qeM2UbbZ5ZTILPVdFBm7r0eZWKHFBB+mKb/UwfNgsW8lEOZ5MhcgWD0WrsPr t7brmFSQ1VkwfM2lHzAmf6GAY3Wuy8XVFdw48rwMYY7J6Ag+A8hS3I8VhVG1/s7fZRO6nzm9B5LA c3+tQuzFygb4lHKvAQOO7l/sqWL6Yg33ImRIFu8vQZx8FlIQy1KmgoZG2zHC7Nra17e8mkXseF8d aZDtER9Jokuz8+d6DjfnM69beXn1Uy5t55Els4jaRIcXGeWHUBHWguIPO4rOu/bdkzYhwTuSUq48 rSYrLXlg28w=</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesRequested>
- <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" />
- </fed:ClaimTypesRequested>
- <fed:ApplicationServiceEndpoint>
- <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
- <wsa:Address>http://itssapfid.nebraska.edu:8199/</wsa:Address>
- </wsa:EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:ApplicationServiceEndpoint>
- <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
- <wsa:Address>https://itssapfid.nebraska.edu:1443/</wsa:Address>
- </wsa:EndpointReference>
- </fed:ApplicationServiceEndpoint>
- <fed:TargetScopes>
- <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
- <wsa:Address>http://itssapfid.nebraska.edu:8199/</wsa:Address>
- </wsa:EndpointReference>
- <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
- <wsa:Address>https://itssapfid.nebraska.edu:1443/</wsa:Address>
- </wsa:EndpointReference>
- </fed:TargetScopes>
- </RoleDescriptor>
- <RoleDescriptor xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <KeyDescriptor use="signing">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:X509Data>
- <ds:X509Certificate>MIIDWzCCAkMCCAogIgUZGSEBMA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYTAkRFMRwwGgYDVQQK ExNTQVAgVHJ1c3QgQ29tbXVuaXR5MRMwEQYDVQQLEwpTQVAgV2ViIEFTMRQwEgYDVQQLEwtJMDgy MDAyODM0ODEYMBYGA1UEAwwPRlNEX1NTRkFfUzJTVlBTMB4XDTIyMDUxOTE5MjEwMVoXDTM4MDEw MTAwMDAwMVowcDELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1NBUCBUcnVzdCBDb21tdW5pdHkxEzAR BgNVBAsTClNBUCBXZWIgQVMxFDASBgNVBAsTC0kwODIwMDI4MzQ4MRgwFgYDVQQDDA9GU0RfU1NG QV9TMlNWUFMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY6pkbwPSL+bcEh+tghdSV m7Bhua3M4z9/XMtqY8FESbrFTXRN8zKjSfsRMlU9AnvLe311QMQnFNKA/EA6OVtIcHCAZV1QHj+n gNL8VJMb0GiW80uOv8FXuml7BWANk5O5AsxaOBN7+Kp6fmFF21o1cpeYQdd905uBRpmsC25hJt7q 6ybhhdNSozIXZcGd8AoyIccDa6S9aLvUqcdCB6gSQtr2BQYvvKt2NPAIXcFhkPRgNWjnPMGtfKQX u1d1+w3q72RvGiPICT8LWrJge1RZ168SE62pRhq8G50fXHjWqgkCd4vLvH3GuzEKWLA2cTVi61uh XKRsgO9zjXE3lNPbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADwH69b+GUUZjeluTHkHQfcoIRt3 x7Y0jOzXuDmaba4wcde3QBaUCFAUQXnhW6qoj9d+kItFOXHLDlTQnxq4RMuv0A/hwbb6nNeC/b// tWVE9Cvu/IXQQyqNcYQFzXdpP3G9XbtLTQIZtmpKeMXcIbSmTfvs9TZ2lHA8ARmFQxybsbAVgRpz fDzZp0UbnuAf3mMpeZEGw3XY+XK2lezoBtnGzxDDBe/HrImP1PvMn/3bDaENunErjNe9nspHf22D 7xwK+zdI7aWBzOWuMLLZPIHQ90Y72b2pSG8F4ABDzgXiUipeOLkGfI3K1brXxVAO/FPZhMCmjJGG 7UQEb/8k+4Q=</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </KeyDescriptor>
- <fed:ClaimTypesOffered>
- <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" />
- </fed:ClaimTypesOffered>
- <fed:TokenTypesOffered>
- <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion" />
- </fed:TokenTypesOffered>
- </RoleDescriptor>
<Organization>
<OrganizationName xml:lang="en">Front End Service</OrganizationName>
<OrganizationDisplayName xml:lang="en">Front End Service</OrganizationDisplayName>
--
GitLab