2013-04-30 120 views

我的WSO2身份服务器(WSO2 Identity Server)已启动,运行在localhost:9443上。我创建了一个.NET应用程序作为服务提供者,该应用程序使用OIOSAML.NET框架。我需要SAML格式的WSO2身份服务器元数据,大致应该是下面这样(WSO2身份服务器4 SAML metadata):

<?xml version="1.0"?> 
<!--
  SAML 2.0 identity-provider metadata (entityID http://wso:9443/), shown as the
  shape of document the service provider expects.

  Signature: the EntityDescriptor carries an enveloped XML signature whose
  Reference URI points at the element's own ID attribute, so the digest covers
  the whole descriptor. Any edit inside the root element, whitespace included,
  invalidates DigestValue; that is why these notes sit outside the root element.

  Algorithms: SignatureMethod is rsa-sha1 and DigestMethod is sha1. SHA-1 is no
  longer considered collision-resistant; when metadata like this is regenerated,
  an RSA-SHA256 signature with a SHA-256 digest is the safer choice.

  Trust: the certificate inside the Signature's KeyInfo only identifies the
  signing key. A consumer should validate the signature against a certificate it
  obtained out of band, not against whatever key the document itself embeds.

  KeyDescriptor use="signing" / use="encryption": the keys the IdP publishes for
  verifying its signatures and for encrypting data sent to it. The
  X509Certificate values are elided in this listing.

  Endpoints: SingleLogoutService and SingleSignOnService both use the
  HTTP-Redirect binding at http://wso:9443/samlsso.
  NOTE(review): the Locations and the entityID use the http scheme; confirm that
  the listener on 9443 is TLS and publish https URLs, since SAML messages sent
  to a plain-HTTP endpoint are exposed in transit.

  Attribute elements (SAML assertion namespace) list the attributes the IdP
  offers: urn:oid:2.5.4.3 (commonName), urn:oid:0.9.2342.19200300.100.1.3
  (mail), urn:oid:2.5.4.10 (organizationName), plus two dk-prefixed names.
  urn:oid:1.3.6.1.4.1.1466.115.121.1.8 is presumably the user certificate
  attribute; confirm against the OIOSAML profile in use.
-->
<q1:EntityDescriptor entityID="http://wso:9443/" ID="ide17674a8a4ca424da09d05939a841485" xmlns:q1="urn:oasis:names:tc:SAML:2.0:metadata"><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI="#ide17674a8a4ca424da09d05939a841485"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>yNQMi2eKXcIMbbHgd9pkMR6NrQk=</DigestValue></Reference></SignedInfo><SignatureValue>WxQRp4EZ5AVSsLjqt6jeiqIs2b05Uh8DeiwgmUxc8XnuAVqVvsjhqyzFONKNC56GnmnZSOtO2l8W8hIDw3pNhQhDa6iEdXQHE4flGFZTUlUCL3M5Owc/BN3MMv4dJqMvumMszz79QsTeTAuI779T3APytPOfB92V0+Rw3PrMMX8=</SignatureValue><KeyInfo><X509Data><X509Certificate>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</X509Certificate></X509Data></KeyInfo></Signature> 
    <q1:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> 
    <q1:KeyDescriptor use="signing"> 
     <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> 
     <X509Data> 
      <X509Certificate>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</X509Certificate> 
     </X509Data> 
     </KeyInfo> 
    </q1:KeyDescriptor> 
    <q1:KeyDescriptor use="encryption"> 
     <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> 
     <X509Data> 
      <X509Certificate>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</X509Certificate> 
     </X509Data> 
     </KeyInfo> 
    </q1:KeyDescriptor> 
    <q1:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://wso:9443/samlsso" /> 
    <q1:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://wso:9443/samlsso" /> 
    <Attribute Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" /> 
    <Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" /> 
    <Attribute Name="urn:oid:2.5.4.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" /> 
    <Attribute Name="urn:oid:1.3.6.1.4.1.1466.115.121.1.8" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" /> 
    <Attribute Name="dk:gov:saml:attribute:CvrNumberIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" /> 
    <Attribute Name="urn:dk:oes:2009-10:Xform:attribute:Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" /> 
    </q1:IDPSSODescriptor> 
</q1:EntityDescriptor> 

有什么办法导出这个元数据?

回答

1

这个回复可能有些晚了,但我还是想把答案分享出来,因为它可能对其他正在寻找WSO2 Identity Server元数据文件的人有帮助。

截至WSO2 IS 4.5.0,还没有自动生成元数据文件的机制,但你可以手动编写。下面给出的就是按这种方式手动准备的元数据文件。

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Hand-written SAML 2.0 identity-provider metadata for a WSO2 Identity Server
  reachable at https://localhost:9443/samlsso.

  The document is unsigned, so a service provider cannot verify its integrity
  from the file alone; hand it over through a channel that is already trusted.

  validUntil: consumers that enforce this attribute stop accepting the metadata
  after 2023-09-23T06:57:15.396Z.
-->
<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://localhost:9443/samlsso"
    validUntil="2023-09-23T06:57:15.396Z">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <!--
      Signing key the service provider uses to verify the IdP's signatures.
      Only a signing key is published; no encryption key is declared.

      The certificate below decodes to a self-signed certificate with subject
      C=US, ST=CA, L=Mountain View, O=WSO2, CN=localhost, a 1024-bit RSA key
      and a SHA-1 signature. This matches the certificate WSO2 products ship
      in their default keystore, whose private key is distributed with the
      product. Replace the server keystore and publish the new certificate
      here before using this outside a local test setup.
    -->
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo>
        <ds:X509Data>
          <ds:X509Certificate>MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UE 
CAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxv 
Y2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQsw 
CQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UE 
AwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTou 
sMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5 
HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQID 
AQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44i 
QlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJR 
O4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>

    <!-- Single logout: requests and responses both go to the same endpoint. -->
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                            Location="https://localhost:9443/samlsso"
                            ResponseLocation="https://localhost:9443/samlsso"/>

    <!-- Single sign-on is offered over both the POST and the Redirect binding. -->
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                            Location="https://localhost:9443/samlsso"/>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                            Location="https://localhost:9443/samlsso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>