[shibboleth-sp2] 06/119: Remove wayf references.

Ferenc Wágner wferi-guest at moszumanska.debian.org
Tue Jan 26 21:29:44 UTC 2016


This is an automated email from the git hooks/post-receive script.

wferi-guest pushed a commit to annotated tag 1.3.1
in repository shibboleth-sp2.

commit b12e5ecc522dd49660a822e94e59bc4765eaa471
Author: Scott Cantor <cantor.2 at osu.edu>
Date:   Thu Dec 28 02:05:06 2006 +0000

    Remove wayf references.
---
 configs/example-metadata.xml.in | 88 +----------------------------------------
 1 file changed, 2 insertions(+), 86 deletions(-)

diff --git a/configs/example-metadata.xml.in b/configs/example-metadata.xml.in
index f772a43..f02cee8 100644
--- a/configs/example-metadata.xml.in
+++ b/configs/example-metadata.xml.in
@@ -44,8 +44,6 @@
 			<Extensions>
 				<!-- This is a Shibboleth extension to express attribute scope rules. -->
 				<shibmd:Scope>example.org</shibmd:Scope>
-				<!-- This enables testing against Internet2's test site. -->
-				<shibmd:Scope>example.edu</shibmd:Scope>
 			</Extensions>
 			
 			<!--
@@ -62,8 +60,7 @@
 			to the ones presented in the XML Signature or SSL session.
 			
 			When an inline certificate is used, do not assume that an expired certificate
-			will be detected and rejected. Often only the key will be extracted without
-			regard for the certificate, but at the same time, it may be risky to include
+			will be detected and rejected. At the same time, it may be risky to include
 			an expired certificate and assume it will work. Your SAML implementation
 			may provide specific guidance on this.
 			-->
@@ -90,43 +87,11 @@ w14fpgtAk2x8xD7cpHsZ073JHxEcjEetD8PTtrFdNu6GwIrv6Sk=
 			    </ds:KeyInfo>
 			</KeyDescriptor>
 
-			<!-- This key is used by Internet2's test site. -->
-			<KeyDescriptor use="signing">
-			    <ds:KeyInfo>
-			        <ds:X509Data>
-			        	<ds:X509Certificate>
-MIIDADCCAmmgAwIBAgICBPIwDQYJKoZIhvcNAQEEBQAwgakxCzAJBgNVBAYTAlVT
-MRIwEAYDVQQIEwlXaXNjb25zaW4xEDAOBgNVBAcTB01hZGlzb24xIDAeBgNVBAoT
-F1VuaXZlcnNpdHkgb2YgV2lzY29uc2luMSswKQYDVQQLEyJEaXZpc2lvbiBvZiBJ
-bmZvcm1hdGlvbiBUZWNobm9sb2d5MSUwIwYDVQQDExxIRVBLSSBTZXJ2ZXIgQ0Eg
-LS0gMjAwMjA3MDFBMB4XDTA1MDUyNjAxMDE1MloXDTA5MDcwNTAxMDE1MlowPjEL
-MAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEbMBkGA1UEAxMSd2F5Zi5p
-bnRlcm5ldDIuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpUs
-kDqIN54O/AbF9rVqe8FJ1q/Ep7edGGOQUjlnt2c2AyVuvveSfW/Hh82DjdF0HMaW
-C5kv/ZInBLi4kO6Xx2EjPijZmK11WxHx+WbhgCziY4KzetL3XT63QdCSSQVnaEJV
-oM9yWsOOHpeWaFiX2alAfkYbCVt9kQiB2amyCuwcOwPWh0Saf7UTEyXoE9IMNWUz
-oaydiwm6TH2zJ7ZNMogeL14o5Fv7I6znKwVGvqrz6iIGWTI7v/ZmnF/jwyW4GOdS
-fX7s/G+M6uSndSM5si+s7iE+MdtP0qZ2M3xd4zWSpYTWRnq3uVMc9w04mF5LZM5q
-B8ktgtaTLS5X2sWv6QIDAQABox0wGzAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIF
-oDANBgkqhkiG9w0BAQQFAAOBgQBDiDqvFbuhMMxAQ89CNBFLiXkcMLrX2Ht96Zux
-JfS8fAx/Obbz5im1jK7peLhFr/9KgLtAkoz4aWtBL+qWcL3a1VYTu9H3Q2w9QbV2
-rxmbK0h8tw6qTA+F4FrErGufQv+kEmm1WRXXeyqEcsadZpsXauRD8iraq9f5WrLX
-AtThLg==
-			        	</ds:X509Certificate>
-			        </ds:X509Data>
-			    </ds:KeyInfo>
-			</KeyDescriptor>
-			
 			<!-- This tells SPs where/how to resolve SAML 1.x artifacts into SAML assertions. -->
 			<ArtifactResolutionService index="1"
 				Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
 				Location="https://idp.example.org:8443/shibboleth-idp/Artifact"/>
 
-			<!-- This enables testing against Internet2's test site. -->
-			<ArtifactResolutionService index="2"
-				Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
-				Location="https://wayf.internet2.edu:8443/shibboleth-idp/Artifact"/>
-			
 			<!-- This tells SPs that you support only the Shib handle format. -->
 			<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
 			
@@ -134,9 +99,6 @@ AtThLg==
 			<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
 			    Location="https://idp.example.org/shibboleth-idp/SSO"/>
 
-			<!-- This enables testing against Internet2's test site. -->
-			<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
-			    Location="https://wayf.internet2.edu/shibboleth-idp/SSO"/>
 		</IDPSSODescriptor>
 		
 		<!-- Most Shib IdPs also support SAML attribute queries, so this role is also included. -->
@@ -144,8 +106,6 @@ AtThLg==
 			<Extensions>
 				<!-- This is a Shibboleth extension to express attribute scope rules. -->
 				<shibmd:Scope>example.org</shibmd:Scope>
-				<!-- This enables testing against Internet2's test site. -->
-				<shibmd:Scope>example.edu</shibmd:Scope>
 			</Extensions>
 			
 			<!-- The certificate has to be repeated here (or a different one specified if necessary). -->
@@ -172,41 +132,10 @@ w14fpgtAk2x8xD7cpHsZ073JHxEcjEetD8PTtrFdNu6GwIrv6Sk=
 			    </ds:KeyInfo>
 			</KeyDescriptor>
 
-			<!-- This key is used by Internet2's test site. -->
-			<KeyDescriptor use="signing">
-			    <ds:KeyInfo>
-			        <ds:X509Data>
-			        	<ds:X509Certificate>
-MIIDADCCAmmgAwIBAgICBPIwDQYJKoZIhvcNAQEEBQAwgakxCzAJBgNVBAYTAlVT
-MRIwEAYDVQQIEwlXaXNjb25zaW4xEDAOBgNVBAcTB01hZGlzb24xIDAeBgNVBAoT
-F1VuaXZlcnNpdHkgb2YgV2lzY29uc2luMSswKQYDVQQLEyJEaXZpc2lvbiBvZiBJ
-bmZvcm1hdGlvbiBUZWNobm9sb2d5MSUwIwYDVQQDExxIRVBLSSBTZXJ2ZXIgQ0Eg
-LS0gMjAwMjA3MDFBMB4XDTA1MDUyNjAxMDE1MloXDTA5MDcwNTAxMDE1MlowPjEL
-MAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEbMBkGA1UEAxMSd2F5Zi5p
-bnRlcm5ldDIuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpUs
-kDqIN54O/AbF9rVqe8FJ1q/Ep7edGGOQUjlnt2c2AyVuvveSfW/Hh82DjdF0HMaW
-C5kv/ZInBLi4kO6Xx2EjPijZmK11WxHx+WbhgCziY4KzetL3XT63QdCSSQVnaEJV
-oM9yWsOOHpeWaFiX2alAfkYbCVt9kQiB2amyCuwcOwPWh0Saf7UTEyXoE9IMNWUz
-oaydiwm6TH2zJ7ZNMogeL14o5Fv7I6znKwVGvqrz6iIGWTI7v/ZmnF/jwyW4GOdS
-fX7s/G+M6uSndSM5si+s7iE+MdtP0qZ2M3xd4zWSpYTWRnq3uVMc9w04mF5LZM5q
-B8ktgtaTLS5X2sWv6QIDAQABox0wGzAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIF
-oDANBgkqhkiG9w0BAQQFAAOBgQBDiDqvFbuhMMxAQ89CNBFLiXkcMLrX2Ht96Zux
-JfS8fAx/Obbz5im1jK7peLhFr/9KgLtAkoz4aWtBL+qWcL3a1VYTu9H3Q2w9QbV2
-rxmbK0h8tw6qTA+F4FrErGufQv+kEmm1WRXXeyqEcsadZpsXauRD8iraq9f5WrLX
-AtThLg==
-			        	</ds:X509Certificate>
-			        </ds:X509Data>
-			    </ds:KeyInfo>
-			</KeyDescriptor>
-
 			<!-- This tells SPs how and where to send queries. -->
 			<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
 			    Location="https://idp.example.org:8443/shibboleth-idp/AA"/>
 
-			<!-- This enables testing against Internet2's test site. -->
-			<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
-			    Location="https://wayf.internet2.edu:8443/shibboleth-idp/AA"/>
-
 			<!-- This tells SPs that you support only the Shib handle format. -->
 			<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
 		</AttributeAuthorityDescriptor>
@@ -243,8 +172,7 @@ AtThLg==
 			Signature or SSL session.
 			
 			When an inline certificate is used, do not assume that an expired certificate
-			will be detected and rejected. Often only the key will be extracted without
-			regard for the certificate, but at the same time, it may be risky to include
+			will be detected and rejected. At the same time, it may be risky to include
 			an expired certificate and assume it will work. Your SAML implementation
 			may provide specific guidance on this.
 			-->
@@ -288,18 +216,6 @@ gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0=
 			<AssertionConsumerService index="2"
 				Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
 				Location="https://sp.example.org/Shibboleth.sso/SAML/Artifact"/>
-			<AssertionConsumerService index="3"
-		        Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
-		        Location="https://sp.example.org/shibboleth-sp/Shibboleth.sso/SAML/POST"/>
-		    <AssertionConsumerService index="4"
-		        Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
-		        Location="https://sp.example.org/shibboleth-sp/Shibboleth.sso/SAML/Artifact"/>
-			<AssertionConsumerService index="5"
-				Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
-				Location="https://sp.example.org:9443/shibboleth-sp/Shibboleth.sso/SAML/POST"/>
-			<AssertionConsumerService index="6"
-				Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
-				Location="https://sp.example.org:9443/shibboleth-sp/Shibboleth.sso/SAML/Artifact"/>
 
 		</SPSSODescriptor>
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git



More information about the Pkg-shibboleth-devel mailing list