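<!--
  Shibboleth SP metadata template (SAML 2.0 with legacy SAML 1.x endpoints).
  Reconstructed from a garbled extraction: duplicated tag fragments were merged,
  stray whitespace inside URIs was removed, and the Japanese "↑" annotations were
  turned into English comments. Replace every SP-HostName, YourHomePage and
  "Your ..." placeholder before submitting this file to the federation.
-->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://SP-HostName/shibboleth-sp">
  <!-- entityID: replace SP-HostName with this SP's host name. -->

  <!-- An SP supporting SAML 1 and 2 contains this element with protocol support as shown. -->
  <!-- NOTE(review): if no IdP you federate with still needs SAML 1.x, drop the SAML 1.1
       protocol URI here and the index 4 and 5 endpoints below, so the SP advertises
       only the endpoints it actually needs. -->
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
    <Extensions>
      <!-- Extension to permit the SP to receive IdP discovery responses. -->
      <!-- Location: replace SP-HostName with this SP's host name. -->
      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
                                 index="1"
                                 Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
                                 Location="https://SP-HostName/Shibboleth.sso/DS"/>
      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <!-- SP name (Japanese / English) -->
        <mdui:DisplayName xml:lang="ja">実習セミナーSPテストXX</mdui:DisplayName>
        <mdui:DisplayName xml:lang="en">Ex-SP-TestXX</mdui:DisplayName>
        <!-- Description of the service -->
        <mdui:Description xml:lang="ja">テスト用サービス</mdui:Description>
        <!-- Logo image URL -->
        <mdui:Logo height="50" width="50">https://SP-HostName/logo/logo.jpg</mdui:Logo>
        <!-- SP information URL (Japanese / English) -->
        <mdui:InformationURL xml:lang="ja">https://SP-HostName/jp/</mdui:InformationURL>
        <mdui:InformationURL xml:lang="en">https://SP-HostName/en/</mdui:InformationURL>
      </mdui:UIInfo>
      <!--
      <RequestedAttributeExtension xmlns="http://www.gakunin.jp/ns/uapprove-jp/metadata" FriendlyName="eduPersonTargetedID">
        <Description xml:lang="ja">ユーザを一意に識別するため</Description>
      </RequestedAttributeExtension>
      -->
    </Extensions>
    <!-- Replace the certificate below with the one configured on this SP
         (/etc/shibboleth/cert/server.crt). Only the public certificate belongs in
         metadata; the matching private key must stay on the SP host.
         With no "use" attribute, this key is advertised for both signing and encryption. -->
    <!-- NOTE(review): the sample's leading bytes look like a sha1WithRSAEncryption
         signature; confirm the certificate you paste here meets your federation's
         current algorithm requirements. -->
    <KeyDescriptor>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>
MIIFITCCBAmgAwIBAgIIBpAaVBrt6kMwDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UE
BhMCSlAxETAPBgNVBAcTCEFjYWRlbWUyMSowKAYDVQQKEyFOYXRpb25hbCBJbnN0
aXR1dGUgb2YgSW5mb3JtYXRpY3MxDTALBgNVBAsTBFVQS0kxIDAeBgNVBAsTF05J
<!-- (middle of the sample certificate omitted on the original page) -->
kBFfvNBdrux4CkIsKhpYQXCAIEuy12CFZUXEtHB5XxeBkntbs2lfP/rWbg2J1Ige
zZc6shCn3VdrL2douVFjaAXlc8zwys/KIpLzNSxOOGwJdKxFTaIzH/emcqKj93Jd
DC1rrFMhoPE=
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <!--
      This tells IdPs where and how to send authentication assertions. Mostly
      the SP will tell the IdP what location to use in its request, but this
      is how the IdP validates the location and also figures out which
      SAML version/binding to use.
    -->
    <!-- In every Location below, replace SP-HostName with this SP's host name.
         Because the IdP validates the response destination against these values,
         each Location must match the SP's real endpoint exactly: no embedded
         spaces, and https throughout. -->
    <AssertionConsumerService index="1" isDefault="true"
                              Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                              Location="https://SP-HostName/Shibboleth.sso/SAML2/POST"/>
    <AssertionConsumerService index="2"
                              Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
                              Location="https://SP-HostName/Shibboleth.sso/SAML2/POST-SimpleSign"/>
    <AssertionConsumerService index="3"
                              Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
                              Location="https://SP-HostName/Shibboleth.sso/SAML2/Artifact"/>
    <AssertionConsumerService index="4"
                              Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
                              Location="https://SP-HostName/Shibboleth.sso/SAML/POST"/>
    <AssertionConsumerService index="5"
                              Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
                              Location="https://SP-HostName/Shibboleth.sso/SAML/Artifact"/>
    <!--
    <AttributeConsumingService index="1" isDefault="true">
      <ServiceName xml:lang="ja">実習セミナーSPテストXX</ServiceName>
      <ServiceName xml:lang="en">Ex-SP-TestXX</ServiceName>
      <ServiceDescription xml:lang="ja">テスト用サービス</ServiceDescription>
      <RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </AttributeConsumingService>
    -->
  </SPSSODescriptor>
  <!-- This is just information about the entity in human terms. -->
  <Organization>
    <!-- Organization name (English / Japanese) -->
    <OrganizationName xml:lang="en">Training Seminar University</OrganizationName>
    <OrganizationName xml:lang="ja">実習セミナー大学</OrganizationName>
    <!-- SP name (English / Japanese) -->
    <OrganizationDisplayName xml:lang="en">Ex-SP-TestXX</OrganizationDisplayName>
    <OrganizationDisplayName xml:lang="ja">実習セミナーSPテストXX</OrganizationDisplayName>
    <!-- Organization URL (English / Japanese) -->
    <OrganizationURL xml:lang="en">http://YourHomePage/en/</OrganizationURL>
    <OrganizationURL xml:lang="ja">http://YourHomePage/ja/</OrganizationURL>
  </Organization>
  <!-- contactType: choose one of [technical, support, administrative, billing, other]. -->
  <ContactPerson contactType="technical">
    <!-- Contact name -->
    <GivenName>Your GivenName</GivenName>
    <SurName>Your SurName</SurName>
    <!-- Contact e-mail address. Metadata is published, so a role alias rather than a
         personal mailbox is recommended (see System Operation Standard, section 4.4). -->
    <EmailAddress>admin@example.org</EmailAddress>
  </ContactPerson>
</EntityDescriptor>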