SAML 2.0 IdP 元信息
这里是SimpleSAMLphp为你生成的元信息,你应该发送这个元信息文档给你的信任的合作伙伴以建立信任的联盟
你可以在 获取元信息XML
https://login.fleetforum.org/saml2/idp/metadata.php
元信息
在SAML 2.0 XML 元信息格式中:
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://login.fleetforum.org/saml2/idp/metadata.php"> <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIDJDCCAgygAwIBAgIJALGA2SU++trDMA0GCSqGSIb3DQEBCwUAMCcxJTAjBgNVBAMMHFNBTUwgSURQIFNpZ25pbmcgY2VydGlmaWNhdGUwHhcNMTgwNjI5MTUxOTQxWhcNMTgwNzI5MTUxOTQxWjAnMSUwIwYDVQQDDBxTQU1MIElEUCBTaWduaW5nIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCAMZf93ewl6dNCOS+uk3eBg2gPT5+6w1wkPyGwqRdHZJiXBOl8Bg9RPIr7G0KaVzFSfo8mQgXu3iJJPvntb73fKDxRvjCTZz6WQqFRT7TmhThKVH9UrxNzU24/Rs6zwHhKMMP106Xb7Bj7ZIY/0DEBx77Ir23r2G7NCdnxdLiR5NVNBwHNpIJw7W5L3auhdjMy9lSC07m0KYO3iVPzMIR0rNLgJXsk1Ah5JxO4IHy59DLHtuOh59p08m07lfP1E+W136iZ6mu7eXArmz5DC2m9EI6PutpWqJEogjxFw5Cz1Q9/rR+3fdcLbRSOGuVk5S1Aghs/iCzCHGLQEytYlZwIDAQABo1MwUTAdBgNVHQ4EFgQUFpp7d7H86IeYlw4XZtSxrVDV/h0wHwYDVR0jBBgwFoAUFpp7d7H86IeYlw4XZtSxrVDV/h0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAXIvEz7cQGoyWcEYLrqFbOniM5p8dDEvMqIJIUY502GgNDOrmFLJm1KGkWWv0iIJawALYAYaiSL+fw4uwPHxpZe3womGMamEu5o3rbo6EsBlhoL4YrX4sUcYdW2S+jkiFpZIUM6DQxV7l2jjP/AwDKaYHx4Pjz/O1YBi5FZco4ba5Tm/Vuh71bwdK9DBHiIwPgCO5T8u1ty/OpBkepnw6OeQJQfo91jHhlWNygpbjSaR19vqqjPTl151eIXN3zCciWE0SN30tOIiutlGVVR48Sk15LqrFExhfLrxaRtbplwgu+8ZODH2NtdzZAVXy/gFsheEUoRfz08oz5VgV1t/tAA==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIDJDCCAgygAwIBAgIJALGA2SU++trDMA0GCSqGSIb3DQEBCwUAMCcxJTAjBgNVBAMMHFNBTUwgSURQIFNpZ25pbmcgY2VydGlmaWNhdGUwHhcNMTgwNjI5MTUxOTQxWhcNMTgwNzI5MTUxOTQxWjAnMSUwIwYDVQQDDBxTQU1MIElEUCBTaWduaW5nIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCAMZf93ewl6dNCOS+uk3eBg2gPT5+6w1wkPyGwqRdHZJiXBOl8Bg9RPIr7G0KaVzFSfo8mQgXu3iJJPvntb73fKDxRvjCTZz6WQqFRT7TmhThKVH9UrxNzU24/Rs6zwHhKMMP106Xb7Bj7ZIY/0DEBx77Ir23r2G7NCdnxdLiR5NVNBwHNpIJw7W5L3auhdjMy9lSC07m0KYO3iVPzMIR0rNLgJXsk1Ah5JxO4IHy59DLHtuOh59p08m07lfP1E+W136iZ6mu7eXArmz5DC2m9EI6PutpWqJEogjxFw5Cz1Q9/rR+3fdcLbRSOGuVk5S1Aghs/iCzCHGLQEytYlZwIDAQABo1MwUTAdBgNVHQ4EFgQUFpp7d7H86IeYlw4XZtSxrVDV/h0wHwYDVR0jBBgwFoAUFpp7d7H86IeYlw4XZtSxrVDV/h0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAXIvEz7cQGoyWcEYLrqFbOniM5p8dDEvMqIJIUY502GgNDOrmFLJm1KGkWWv0iIJawALYAYaiSL+fw4uwPHxpZe3womGMamEu5o3rbo6EsBlhoL4YrX4sUcYdW2S+jkiFpZIUM6DQxV7l2jjP/AwDKaYHx4Pjz/O1YBi5FZco4ba5Tm/Vuh71bwdK9DBHiIwPgCO5T8u1ty/OpBkepnw6OeQJQfo91jHhlWNygpbjSaR19vqqjPTl151eIXN3zCciWE0SN30tOIiutlGVVR48Sk15LqrFExhfLrxaRtbplwgu+8ZODH2NtdzZAVXy/gFsheEUoRfz08oz5VgV1t/tAA==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.fleetforum.org/saml2/idp/SingleLogoutService.php"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.fleetforum.org/saml2/idp/SSOService.php"/> </md:IDPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Administrator</md:GivenName> <md:EmailAddress>steve.kinuthia@fleetforum.org</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
如果你想在其他网站使用的SimpleSAMLphp,那么你应该使用SimpleSAMLphp扁平的文件格式
$metadata['https://login.fleetforum.org/saml2/idp/metadata.php'] = array ( 'metadata-set' => 'saml20-idp-remote', 'entityid' => 'https://login.fleetforum.org/saml2/idp/metadata.php', 'SingleSignOnService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://login.fleetforum.org/saml2/idp/SSOService.php', ), ), 'SingleLogoutService' => array ( 0 => array ( 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://login.fleetforum.org/saml2/idp/SingleLogoutService.php', ), ), 'certData' => 'MIIDJDCCAgygAwIBAgIJALGA2SU++trDMA0GCSqGSIb3DQEBCwUAMCcxJTAjBgNVBAMMHFNBTUwgSURQIFNpZ25pbmcgY2VydGlmaWNhdGUwHhcNMTgwNjI5MTUxOTQxWhcNMTgwNzI5MTUxOTQxWjAnMSUwIwYDVQQDDBxTQU1MIElEUCBTaWduaW5nIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCAMZf93ewl6dNCOS+uk3eBg2gPT5+6w1wkPyGwqRdHZJiXBOl8Bg9RPIr7G0KaVzFSfo8mQgXu3iJJPvntb73fKDxRvjCTZz6WQqFRT7TmhThKVH9UrxNzU24/Rs6zwHhKMMP106Xb7Bj7ZIY/0DEBx77Ir23r2G7NCdnxdLiR5NVNBwHNpIJw7W5L3auhdjMy9lSC07m0KYO3iVPzMIR0rNLgJXsk1Ah5JxO4IHy59DLHtuOh59p08m07lfP1E+W136iZ6mu7eXArmz5DC2m9EI6PutpWqJEogjxFw5Cz1Q9/rR+3fdcLbRSOGuVk5S1Aghs/iCzCHGLQEytYlZwIDAQABo1MwUTAdBgNVHQ4EFgQUFpp7d7H86IeYlw4XZtSxrVDV/h0wHwYDVR0jBBgwFoAUFpp7d7H86IeYlw4XZtSxrVDV/h0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAXIvEz7cQGoyWcEYLrqFbOniM5p8dDEvMqIJIUY502GgNDOrmFLJm1KGkWWv0iIJawALYAYaiSL+fw4uwPHxpZe3womGMamEu5o3rbo6EsBlhoL4YrX4sUcYdW2S+jkiFpZIUM6DQxV7l2jjP/AwDKaYHx4Pjz/O1YBi5FZco4ba5Tm/Vuh71bwdK9DBHiIwPgCO5T8u1ty/OpBkepnw6OeQJQfo91jHhlWNygpbjSaR19vqqjPTl151eIXN3zCciWE0SN30tOIiutlGVVR48Sk15LqrFExhfLrxaRtbplwgu+8ZODH2NtdzZAVXy/gFsheEUoRfz08oz5VgV1t/tAA==', 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', 'contacts' => array ( 0 => array ( 'emailAddress' => 'steve.kinuthia@fleetforum.org', 'contactType' => 'technical', 'givenName' => 'Administrator', ), ), );
证书
下载X509证书作为PEM编码的文件