The dual purpose standard metadata file would contain one <EntityDescriptor> element containing both <IDPSSODescriptor> and <SPSSODescriptor> elements. The following sample is a standard metadata configuration file in which the data configures zosma21.central.sun.com as both a service provider and an identity provider.
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="zosma21.central.sun.com/"> <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://zosma21.central.sun.com:80/amserver/ArtifactResolver/ metaAlias/idp" index="0" isDefault="1"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://zosma21.central.sun.com:80/amserver/IDPSloRedirect/ metaAlias/idp" ResponseLocation="http://zosma21.central.sun.com:80/amserver/ IDPSloRedirect/metaAlias/idp"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://zosma21.central.sun.com:80/amserver/ IDPSloSoap/metaAlias/idp"/> <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://zosma21.central.sun.com:80/amserver/IDPMniRedirect/ metaAlias/idp" ResponseLocation="http://zosma21.central.sun.com:80/amserver/ IDPMniRedirect/metaAlias/idp"/> <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://zosma21.central.sun.com:80/amserver/IDPMniSoap/ metaAlias/idp"/> <NameIDFormat> urn:oasis:names:tc:SAML:2.0:nameid-format:persistent </NameIDFormat> <NameIDFormat> urn:oasis:names:tc:SAML:2.0:nameid-format:transient </NameIDFormat> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://zosma21.central.sun.com:80/amserver/SSORedirect/ metaAlias/idp"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://zosma21.central.sun.com:80/amserver/SSOSoap/ metaAlias/idp"/> </IDPSSODescriptor> <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration= "urn:oasis:names:tc:SAML:2.0:protocol"> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://zosma21.central.sun.com:80/amserver/SPSloRedirect/ metaAlias/sp" ResponseLocation="http://zosma21.central.sun.com:80/amserver/ SPSloRedirect/metaAlias/sp"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://zosma21.central.sun.com:80/amserver/SPSloSoap/ metaAlias/sp"/> <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://zosma21.central.sun.com:80/amserver/SPMniRedirect/ metaAlias/sp" ResponseLocation="http://zosma21.central.sun.com:80/amserver/ SPMniRedirect/metaAlias/sp"/> <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://zosma21.central.sun.com:80/amserver/SPMniSoap/ metaAlias/sp" ResponseLocation="http://zosma21.central.sun.com:80/amserver/ SPMniSoap/metaAlias/sp"/> <NameIDFormat> urn:oasis:names:tc:SAML:2.0:nameid-format:persistent </NameIDFormat> <NameIDFormat> urn:oasis:names:tc:SAML:2.0:nameid-format:transient </NameIDFormat> <AssertionConsumerService isDefault="true" index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://zosma21.central.sun.com:80/amserver/Consumer/ metaAlias/sp"/> <AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://zosma21.central.sun.com:80/amserver/Consumer/ metaAlias/sp"/> </SPSSODescriptor> </EntityDescriptor>