<?xml version=“1.0” encoding=“UTF-8”?> <EntitiesDescriptor
xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:elab="http://eduserv.org.uk/labels" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0" xmlns:ukfedlabel="http://ukfederation.org.uk/2006/11/label" xmlns:wayf="http://sdss.ac.uk/2006/06/WAYF" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata sstc-saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2001/04/xmlenc# xenc-schema.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd" ID="ef20101029T160501Z" Name="http://examplefederation.org" validUntil="2010-11-12T16:05:01Z"> <EntityDescriptor ID="ef00001" entityID="https://shib.example.ac.uk/shibboleth"> <Extensions> <shibmd:Scope regexp="false">example.ac.uk</shibmd:Scope> <ukfedlabel:UKFederationMember/> <ukfedlabel:AccountableUsers/> </Extensions> <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <shibmd:Scope regexp="false">example.ac.uk</shibmd:Scope> </Extensions> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.example.ac.uk:8443/shibboleth-idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.example.ac.uk:8443/shibboleth-idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.example.ac.uk/shibboleth-idp/profile/Shibboleth/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.example.ac.uk/shibboleth-idp/profile/SAML2/POST/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib.example.ac.uk/shibboleth-idp/profile/SAML2/POST-SimpleSign/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib.example.ac.uk/shibboleth-idp/profile/SAML2/Redirect/SSO"/> </IDPSSODescriptor> <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <shibmd:Scope regexp="false">example.ac.uk</shibmd:Scope> </Extensions> <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.example.ac.uk:8443/shibboleth-idp/profile/SAML1/SOAP/AttributeQuery"/> <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.example.ac.uk:8443/shibboleth-idp/profile/SAML2/SOAP/AttributeQuery"/> <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> </AttributeAuthorityDescriptor> <Organization> <OrganizationName xml:lang="en">The University of Example</OrganizationName> <OrganizationDisplayName xml:lang="en">University of Example</OrganizationDisplayName> <OrganizationURL xml:lang="en">http://www.example.ac.uk/</OrganizationURL> </Organization> <ContactPerson contactType="support"> <GivenName>IT Service Desk</GivenName> <EmailAddress>mailto:IT-Servicedesk@example.ac.uk</EmailAddress> </ContactPerson> <ContactPerson contactType="technical"> <GivenName>A</GivenName> <SurName>Person</SurName> <EmailAddress>mailto:a.person@example.ac.uk</EmailAddress> </ContactPerson> </EntityDescriptor> <EntityDescriptor ID="ef00002" entityID="https://idp.example.exampleshire.sch.uk/shibboleth"> <Extensions> <shibmd:Scope regexp="false">example.ac.uk</shibmd:Scope> <ukfedlabel:UKFederationMember/> <ukfedlabel:AccountableUsers/> </Extensions> <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <shibmd:Scope regexp="false">example.exampleshire.sch.uk</shibmd:Scope> </Extensions> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.exampleshire.sch.uk:8443/shibboleth-idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.exampleshire.sch.uk:8443/shibboleth-idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.exampleshire.sch.uk/shibboleth-idp/profile/Shibboleth/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.exampleshire.sch.uk/shibboleth-idp/profile/SAML2/POST/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.exampleshire.sch.uk/shibboleth-idp/profile/SAML2/POST-SimpleSign/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.exampleshire.sch.uk/shibboleth-idp/profile/SAML2/Redirect/SSO"/> </IDPSSODescriptor> <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <shibmd:Scope regexp="false">example.exampleshire.sch.uk</shibmd:Scope> </Extensions> <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.exampleshire.sch.uk:8443/shibboleth-idp/profile/SAML1/SOAP/AttributeQuery"/> <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.exampleshire.sch.uk:8443/shibboleth-idp/profile/SAML2/SOAP/AttributeQuery"/> <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> </AttributeAuthorityDescriptor> <Organization> <OrganizationName xml:lang="en">Example Secondary School</OrganizationName> <OrganizationDisplayName xml:lang="en">Example Secondary School</OrganizationDisplayName> <OrganizationURL xml:lang="en">http://www.example.exampleshire.sch.uk/</OrganizationURL> </Organization> <ContactPerson contactType="support"> <GivenName>IT Service Desk</GivenName> <EmailAddress>mailto:support@example.exampleshire.sch.uk</EmailAddress> </ContactPerson> <ContactPerson contactType="technical"> <GivenName>A</GivenName> <SurName>Person</SurName> <EmailAddress>mailto:sysadmin@example.exampleshire.sch.uk</EmailAddress> </ContactPerson> </EntityDescriptor> <EntityDescriptor ID="ef00003" entityID="https://login.example.com/shibboleth"> <Extensions> <shibmd:Scope regexp="false">example.com</shibmd:Scope> <ukfedlabel:UKFederationMember/> <ukfedlabel:AccountableUsers/> <wayf:HideFromWAYF/> </Extensions> <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <shibmd:Scope regexp="false">example.com</shibmd:Scope> </Extensions> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.example.com/idp/profile/Shibboleth/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.example.com/idp/profile/SAML2/POST/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.example.com/idp/profile/SAML2/Redirect/SSO"/> </IDPSSODescriptor> <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <shibmd:Scope regexp="false">example.com</shibmd:Scope> </Extensions> <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> </AttributeAuthorityDescriptor> <Organization> <OrganizationName xml:lang="en">Example Online</OrganizationName> <OrganizationDisplayName xml:lang="en">Example Online</OrganizationDisplayName> <OrganizationURL xml:lang="en">http://example.com</OrganizationURL> </Organization> <ContactPerson contactType="support"> <GivenName>IT Service Desk</GivenName> <EmailAddress>mailto:help@example.com</EmailAddress> </ContactPerson> <ContactPerson contactType="technical"> <GivenName>A</GivenName> <SurName>Person</SurName> <EmailAddress>mailto:guru@example.com</EmailAddress> </ContactPerson> </EntityDescriptor>
</EntitiesDescriptor>