Sun Java System SAML v2 Plug-in for Federation Services User's Guide

Dual Purpose Standard Metadata Configuration File

A dual-purpose standard metadata file contains one <EntityDescriptor> element that holds both an <IDPSSODescriptor> element and an <SPSSODescriptor> element. The following sample is a standard metadata configuration file that configures zosma21.central.sun.com as both a service provider and an identity provider.

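<!--
  Dual-purpose SAML v2 metadata: one EntityDescriptor that declares both an
  identity provider role (IDPSSODescriptor) and a service provider role
  (SPSSODescriptor) for the same host.

  Each Location / ResponseLocation value is written on a single line. A line
  break inside an attribute value is normalized to a space by the XML parser,
  which would leave whitespace in the middle of the endpoint URL.

  Review notes for anyone adapting this sample:
  * Every endpoint uses http:// on port 80, so SAML protocol messages travel
    unencrypted. Use https:// endpoints outside a lab.
  * No KeyDescriptor is published for either role, so partners cannot obtain
    signing or encryption certificates from this metadata.
  * All three signing flags are "false" (see the notes on each role below).
-->
<EntityDescriptor
    xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="zosma21.central.sun.com/">
    <!--
      Identity provider role. WantAuthnRequestsSigned="false" states that this
      IdP does not require service providers to sign their AuthnRequests.
      Requiring signed requests needs the partner signing certificates to be
      exchanged first.
    -->
    <IDPSSODescriptor
        WantAuthnRequestsSigned="false"
        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <!-- Back-channel endpoint where partners resolve artifacts into messages. -->
        <ArtifactResolutionService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://zosma21.central.sun.com:80/amserver/ArtifactResolver/metaAlias/idp"
            index="0"
            isDefault="true"/>
        <!-- Single logout: browser redirect and SOAP variants. -->
        <SingleLogoutService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
            Location="http://zosma21.central.sun.com:80/amserver/IDPSloRedirect/metaAlias/idp"
            ResponseLocation="http://zosma21.central.sun.com:80/amserver/IDPSloRedirect/metaAlias/idp"/>
        <SingleLogoutService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://zosma21.central.sun.com:80/amserver/IDPSloSoap/metaAlias/idp"/>
        <!-- Name identifier management: browser redirect and SOAP variants. -->
        <ManageNameIDService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
            Location="http://zosma21.central.sun.com:80/amserver/IDPMniRedirect/metaAlias/idp"
            ResponseLocation="http://zosma21.central.sun.com:80/amserver/IDPMniRedirect/metaAlias/idp"/>
        <ManageNameIDService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://zosma21.central.sun.com:80/amserver/IDPMniSoap/metaAlias/idp"/>
        <!-- Kept on one line so the URI carries no surrounding whitespace. -->
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <!-- Endpoints that receive AuthnRequests from service providers. -->
        <SingleSignOnService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
            Location="http://zosma21.central.sun.com:80/amserver/SSORedirect/metaAlias/idp"/>
        <SingleSignOnService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://zosma21.central.sun.com:80/amserver/SSOSoap/metaAlias/idp"/>
    </IDPSSODescriptor>
    <!--
      Service provider role. AuthnRequestsSigned="false" states that this SP
      sends unsigned AuthnRequests; WantAssertionsSigned="false" states that it
      does not ask the IdP to sign assertions. The second AssertionConsumerService
      below uses HTTP-POST, where the response passes through the user's browser
      and a signature is what protects its integrity. The SAML Web Browser SSO
      profile expects assertions delivered over HTTP-POST to be signed; confirm
      how the plug-in enforces this before relying on these values.
    -->
    <SPSSODescriptor
        AuthnRequestsSigned="false"
        WantAssertionsSigned="false"
        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <!-- Single logout: browser redirect and SOAP variants. -->
        <SingleLogoutService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
            Location="http://zosma21.central.sun.com:80/amserver/SPSloRedirect/metaAlias/sp"
            ResponseLocation="http://zosma21.central.sun.com:80/amserver/SPSloRedirect/metaAlias/sp"/>
        <SingleLogoutService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://zosma21.central.sun.com:80/amserver/SPSloSoap/metaAlias/sp"/>
        <!-- Name identifier management: browser redirect and SOAP variants. -->
        <ManageNameIDService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
            Location="http://zosma21.central.sun.com:80/amserver/SPMniRedirect/metaAlias/sp"
            ResponseLocation="http://zosma21.central.sun.com:80/amserver/SPMniRedirect/metaAlias/sp"/>
        <ManageNameIDService
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
            Location="http://zosma21.central.sun.com:80/amserver/SPMniSoap/metaAlias/sp"
            ResponseLocation="http://zosma21.central.sun.com:80/amserver/SPMniSoap/metaAlias/sp"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <!-- Endpoints where the IdP delivers responses; index 0 (HTTP-Artifact) is the default. -->
        <AssertionConsumerService
            isDefault="true"
            index="0"
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
            Location="http://zosma21.central.sun.com:80/amserver/Consumer/metaAlias/sp"/>
        <AssertionConsumerService
            index="1"
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
            Location="http://zosma21.central.sun.com:80/amserver/Consumer/metaAlias/sp"/>
    </SPSSODescriptor>
</EntityDescriptor>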