From 9b9327eedc37de00d51c322bf9327da9b16c33f7 Mon Sep 17 00:00:00 2001
From: Ryan Rumbaugh <rrumbaugh@nebraska.edu>
Date: Mon, 12 Aug 2024 15:50:54 -0500
Subject: [PATCH] Use complete metadata

---
 nefed.xml | 94 +++++++++++++++++++++++++++++++++----------------------
 1 file changed, 56 insertions(+), 38 deletions(-)

diff --git a/nefed.xml b/nefed.xml
index 51498eb..9d8d2e6 100644
--- a/nefed.xml
+++ b/nefed.xml
@@ -34769,15 +34769,23 @@ PRD49iI+tL/VkGo=
             <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" />
             <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" />
             <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
+            <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" />
             <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" />
             <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" />
             <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" />
             <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" />
             <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+            <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
             <mdrpi:RegistrationInfo registrationAuthority="https://nebraska.edu/nefed" />
             <mdattr:EntityAttributes>
                 <saml:Attribute Name="http://macedir.org/entity-category"
-                                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+                    NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                     <saml:AttributeValue>https://nebraska.edu/category/registered-by-nefed</saml:AttributeValue>
                 </saml:Attribute>
             </mdattr:EntityAttributes>
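Review bot: The added `alg:SigningMethod` lines for `xmldsig-more#ecdsa-sha1` and `xmldsig#dsa-sha1` extend the SHA-1 signature algorithms this entity advertises, beyond the `rsa-sha1` and `xmldsig#sha1` entries that were already present. If IdPs in the federation select a signing algorithm from this list, publishing these keeps deprecated algorithms negotiable for this SP. Confirm with the SP operator that they are needed; if not, drop those two lines (and consider whether `xmldsig11#dsa-sha256` is wanted) rather than copying the SP's full default list. The `NameFormat` change at the end of the hunk is re-indentation only.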
@@ -34796,9 +34804,10 @@ PRD49iI+tL/VkGo=
             <KeyDescriptor use="signing">
                 <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                     <ds:KeyName>access.libnova.com</ds:KeyName>
+                    <ds:KeyName>https://access.libnova.com/shibboleth</ds:KeyName>
                     <ds:X509Data>
-                        <ds:X509Certificate>
-                            MIIELzCCApegAwIBAgIUWRy0Im8Xh7pylJWbtwjtRvx3Bz0wDQYJKoZIhvcNAQEL
+                        <ds:X509SubjectName>CN=access.libnova.com</ds:X509SubjectName>
+                        <ds:X509Certificate>MIIELzCCApegAwIBAgIUWRy0Im8Xh7pylJWbtwjtRvx3Bz0wDQYJKoZIhvcNAQEL
                             BQAwHTEbMBkGA1UEAxMSYWNjZXNzLmxpYm5vdmEuY29tMB4XDTIwMDkwOTExMzQz
                             N1oXDTMwMDkwNzExMzQzN1owHTEbMBkGA1UEAxMSYWNjZXNzLmxpYm5vdmEuY29t
                             MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAmYHffkCCf9W4If0rDJkG
@@ -34828,45 +34837,54 @@ PRD49iI+tL/VkGo=
             <KeyDescriptor use="encryption">
                 <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                     <ds:KeyName>access.libnova.com</ds:KeyName>
-                    <ds:X509Data>
-                        <ds:X509Certificate>
-                            MIIELzCCApegAwIBAgIUWRy0Im8Xh7pylJWbtwjtRvx3Bz0wDQYJKoZIhvcNAQEL
-                            BQAwHTEbMBkGA1UEAxMSYWNjZXNzLmxpYm5vdmEuY29tMB4XDTIwMDkwOTExMzQz
-                            N1oXDTMwMDkwNzExMzQzN1owHTEbMBkGA1UEAxMSYWNjZXNzLmxpYm5vdmEuY29t
-                            MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAmYHffkCCf9W4If0rDJkG
-                            iOERBF6LK/R2tI7uI9cV2w0rsqLpVT9h6HH+ZZb9YPj6yva5nkefWvkvO7L+LJhc
-                            AefDrHp91APJ6G2XfMzQNrxyq0NV3V6wM6hr/mvp81DR2LpYspOdF9c+PRm6EMs8
-                            MS5zN7j79MG7JderKeCN1JtPlOX1NbRoDsiXk9YKXSwL5d/jvAyo16NYhNCITcdQ
-                            P0gGmsFRfrZTXzXBv2Vv2Hg1Vx7p3uQ9StX8P9r8pznlJFK9xXg6eq7v75Mui+fx
-                            KG3jZouvDZuiRqufraXVNS0zgoqzaMyVjVffWT/P/xG0z/CnvUi2Wf+MYRcOVUFc
-                            onbo9okMKKbVtBCiwoYG54bRt1B4gWTlr9ZrMqVK0GiB2IffqEn7wY49ZEAwWkWo
-                            qFFpIkAtszI1AOYghUD0r7RkjbnIlR4Z8zf7dLYqAXc9o70tDkjeqNZtUvVZXBt0
-                            zfJbc7R0vKYEtw0m5RqSSXancmrPLO55rgsdD9ZVOSmxAgMBAAGjZzBlMEQGA1Ud
+                    <ds:KeyName>https://access.libnova.com/shibboleth</ds:KeyName>
+                    <ds:X509Data>
+                        <ds:X509SubjectName>CN=access.libnova.com</ds:X509SubjectName>
+                        <ds:X509Certificate>MIIELzCCApegAwIBAgIUfWgwBkl8xksgeZCaGDTr5a6TS5gwDQYJKoZIhvcNAQEL
+                            BQAwHTEbMBkGA1UEAxMSYWNjZXNzLmxpYm5vdmEuY29tMB4XDTIwMDkwOTExMzcw
+                            MloXDTMwMDkwNzExMzcwMlowHTEbMBkGA1UEAxMSYWNjZXNzLmxpYm5vdmEuY29t
+                            MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAv5eZagBTOuXy0f1qlerx
+                            cy96gdcERn6YaTd6aP9juOuJkvRkKUapZ4NVKVjT7wUp5fJ8pYVM/uCczo5W8Wyn
+                            qLTLtzURwUEkWCkRenMNvTMH46bKdOFC8u7DEnnvpHzDaUNM58uZpUux97xpCMEc
+                            pJE0Wsr/xlmTJn6/WSOa0U1VMvEELnfmrBjtMT2FJNDV0gTcw/MODImVRq6SKfz1
+                            lOD2f+Cl5/XLxKGjRTZ5i65m+Po2SqKsDFGWaoZCm5tKZfPKd3UmhXN0iDSUFkfz
+                            zDwUMChWgMMnMuujMjfufAeMYn1KL0zfGujVt4Yn0Vxzhr/BbWZL7kUfUvLTqEK8
+                            NsIeTFbNXQnmBqbAvHbJuG6tRsXbU7RxIgctKvWrQlN1Wef6p1M6RcZPLrYMyEBz
+                            J+8T9QaK0SGmhIsP4jyAlFc9KphhLxM3zoL78YFjH9p3T2AqEjZWCLcVcMPvR6pY
+                            rhUnL7Hlze82bFaJYR2yz1aDYLSBHi0RBukcyisH/PsjAgMBAAGjZzBlMEQGA1Ud
                             EQQ9MDuCEmFjY2Vzcy5saWJub3ZhLmNvbYYlaHR0cHM6Ly9hY2Nlc3MubGlibm92
-                            YS5jb20vc2hpYmJvbGV0aDAdBgNVHQ4EFgQUYOY2PE1ItINjiDw19meTEnFm0BMw
-                            DQYJKoZIhvcNAQELBQADggGBACskdrEKqwJRM9yTj3tUgbdFVz1DOWP3VwCb/RNA
-                            KDuOjSDRJDJ5nc+DZdG0vCrMMFnXQHTAxKhujI8mywyOMhtp1/xBXntuii//+B4M
-                            h0Zs0ocTPX2krLndGd5ysHsby5v2iINfHt4sYtW3iqv/at5IByT/dAhKWvnjzqBU
-                            icjDyiqKwnicyoHZN1F42cln2LvRftIqz3SYLwilHeL/xyy0hZRft58tjGSuO/Co
-                            HNrYWXYAsGC7wN4XL3DUdIksJmLM7kDyZHBUQAV9nJPUs9oltJIrKFUwdqX1kgsO
-                            B3lf54LEU9RiSgE28ZyXw7X4gRTuSni+JMAXyZO8qou/fw7oTTnxPMYbZIGbGJT4
-                            +UZXea6Ffsrd09IG2DUK1GarhUmKuyQNxdaJXLKxOc92xrNtL+hn+Cq4wdrLXiRh
-                            tjvqf2dWNArMWg2fbZi9RLy6A37vr6BZofsR+/wS3oOOdLNOAh9JVFzW4OZRMa1J
-                            L6poBMb96iQBy8MHI4uW3km0Nw==
-                        </ds:X509Certificate>
+                            YS5jb20vc2hpYmJvbGV0aDAdBgNVHQ4EFgQUjKhvAVksA+03z3KE3GqVdUnrRqww
+                            DQYJKoZIhvcNAQELBQADggGBACPEgywVmb7l/tU/qV2+r6CHfszOtovrY5QdvwvI
+                            /sh9XkdDSNpC7wbF44M0E9f6SFOFBmgDBzA0loV/+D4x6e7w2h1qsN5r0wm4wRsX
+                            oBz5u9lFBqXjJ0e9+A30f7OvXwYLgrK5J4ipOx+2FPdcsLP8irxm6Y2UfpkDn8Y2
+                            egkX4R3LBX0ZDGbNcKel5e0ovA7r5yhJ/axhCnT2GVRPn818BZxCEpCyVx0ww/Fy
+                            OqQmpRdQw68nBRQ9XelOnvbmQQENvK0e/j10n0QoGoDQNjdroH1UWPKIqQuzuSHx
+                            0djZYOhz7Cmujfd9oNR1XP//nO9ZZkvvU5ETbbBPjYtXG93TFQRrnhNOd/kOVOPO
+                            GTrbtXvt7P2IS0JcX5VSEAv5nbbz3hbtF9xaJ9No3x8Qmr6U4UIFN7vx9fX+gEQQ
+                            I+e0OVeXUm31poZD/7HZxi04yxkP5JEhX1HvaqSRAzHeW+qYgUGWlPfFtBXhYk17
+                            cy+XljuxZO3xnVMr7iqaoLh3Zg==
+    </ds:X509Certificate>
                     </ds:X509Data>
                 </ds:KeyInfo>
+                <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep" />
+                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
             </KeyDescriptor>
-            <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://access.libnova.com/Shibboleth.sso/SLO/R..." />
-            <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://access.libnova.com/Shibboleth.sso/SLO/R..." />
-            <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
-            <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://access.libnova.com/Shibboleth.sso" index="1" />
-            <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://access.libnova.com/Shibboleth.sso/SAML2..." index="2" />
-            <AttributeConsumingService index="1">
-                <ServiceName xml:lang="en">Libnova Access</ServiceName>
-                <RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
-                <RequestedAttribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
-            </AttributeConsumingService>
+            <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://access.libnova.com/Shibboleth.sso/Artifact/SOAP" index="1" />
+            <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://access.libnova.com/Shibboleth.sso/SLO/SOAP" />
+            <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://access.libnova.com/Shibboleth.sso/SLO/POST" />
+            <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://access.libnova.com/Shibboleth.sso/SLO/Artifact" />
+            <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://access.libnova.com/Shibboleth.sso/SLO/Redirect" />
+            <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://access.libnova.com/Shibboleth.sso/SAML2/POST" index="1" />
+            <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://access.libnova.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2" />
+            <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://access.libnova.com/Shibboleth.sso/SAML2/Artifact" index="3" />
+            <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://access.libnova.com/Shibboleth.sso/SAML2/ECP" index="4" />
         </SPSSODescriptor>
         <Organization>
             <OrganizationName xml:lang="en-US">Libnova LIBSAFE Go</OrganizationName>
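Review bot: The `KeyDescriptor use="encryption"` certificate is replaced by a different one, a key change that the subject "Use complete metadata" does not mention. The removed block began `MIIELzCCApegAwIBAgIUWRy0…`, matching the signing certificate, while the added one begins `MIIELzCCApegAwIBAgIUfWgw…`. IdPs encrypt assertions to whatever key is published here, so confirm the new certificate's fingerprint with the SP operator through a channel other than the submitted metadata, and record that in the commit message. The added `EncryptionMethod` list also advertises `xmlenc#tripledes-cbc` and the three AES-CBC modes next to the GCM ones; consider keeping only the `xmlenc11#aes*-gcm` entries unless a legacy IdP needs CBC. The hunk also drops `NameIDFormat` and the `AttributeConsumingService` with its two `RequestedAttribute` entries, which may change what IdPs release if they rely on metadata for that.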
-- 
GitLab