Jämförda versioner

Nyckel

  • Dessa rader lades till.
  • Denna rad togs bort.
  • Formateringen ändrades.

...

Expandera
titlexml <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"...

Expandera
titlexml <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"...

<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Destination="https://www.testaeid.se/saml/module.php/saml/sp/saml2-acs.php/default-sp" ID="_23f4a13532d16df6b72af01c9a609f35" InResponseTo="_1e4918edeca3909b15fd301648da48e3bcc2da3724" IssueInstant="2024-09-26T12:12:07.060Z" Version="2.0" > <saml2:Issuer>https://eid-connect.test.funktionstjanster.se/saml2/62b41ad31dbc33e6bb963f44</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> <ds:Reference URI="#_23f4a13532d16df6b72af01c9a609f35"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xsd" /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> <ds:DigestValue>Z2bVwao15zvB3COMMH6NV9HAktdm33NQxZtpB5ZQ67c=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> vUZXfAt8P7usNseebq3Let8IRVOmYdjDT0yT16SprCPAg+/FLTlJWZf3nEyBtllNebxc2pCI/1rn kkxvZeSZFMTKxL/udFxkBzSmD6phQivR6VUSpRPp7QxBXejeAxFX+vcwYrZi441Z81V0sLIxl1S4 lmLOTzEaZVAAPZ6T72g0zPVewGF2FAI0fneXnmaWBgYk/tOLMXi9OpMys468D7TyNXWedkP0WB59 LlW/L2NvnwGUHU6mWPi2Q1znveQFT9XDwemhc29gl1zn5J9ReirojKOT1zh9tIbLk/CqJNvyXQvx pazkVq/N23ijnmEqzwkvAvwt5860bAE0gKSd4A== </ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIEejCCAmKgAwIBAgIURCL8DMtCZIWzue3wu3XLu8+bJicwDQYJKoZIhvcNAQELBQAwSDELMAkGA1UEBhMCU0UxFzAVBgNVBAoTDkNHSSBTdmVyaWdlIEFCMSAwHgYDVQQDExdjYS5mdW5rdGlvbnN0amFuc3Rlci5zZTAeFw0yNDAyMTUwMDAwMDBaFw0yNjAyMTQyMzU5NTlaMFAxFDASBgNVBAMTC2RlZmF1bHQtaWRwMRcwFQYDVQQKEw5DR0kgU3ZlcmlnZSBBQjELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBEUHzloQ0hFFQfkjBBulMYmj1pFEgvB1RT+/YTT0jAkKs2j3fgy6kit0+S+X33YFPHL/TUdIwOYw1TzpSiAoU3QhLbmOSMF0RiVvSzD18oLm7A3M3TuVlwa4LlZuQSBvAiJWv2Gj5eSiIovYyUiSc2o6xJ4U9L+FDfrvzDDA/+p7AspQUPM724sv9MgjnUm8nUvZ4AyuNk5oaNaXpFg7EqwYmV5En3wATHUW2FlZg9tuN/cv5CYI0cckzrMrFnY0ch0DZRSvnFGHsAqH1+sz0HFO7LaIsyYCqd6vcZmkuJ3vDrbkwgHf0iepVg7nr5sEHTW35g3+1A7eIxPe7cfs0CAwEAAaNUMFIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU6LFe4ujFshcwv9kqTMAWIhruPdkwCwYDVR0PBAQDAgPoMBYGA1UdEQQPMA2CC2RlZmF1bHQtaWRwMA0GCSqGSIb3DQEBCwUAA4ICAQCo5aqLCF+CsG5IhRdw7tHTUnmEk2wt+JbISJHoZTd6MRGnSLJBJRywOCqklzrHO/wEk9YCtecKmqckg81O/W6LFzNA5C70VsMZC7yct6dQTFq4rbzcKY9mmrp3pu4M91RyInyS54eLI4zuLNrLDtyJg5JOaf9zR2qspjgnNc3rR6JR1HgB5hw5dMYXKpRM+qlzBqVCBaDiwD8q0txbb/QsNglAyLM9+fgAL6goaIf6QBhsFuI/SXd86T5Sbqb7KzZLDeLQ65gtARWcjKPBgY1Va99eE2gUPMAa5OPhsiZnJLZ5TNEuK68o+Ww8jPLMVLCavPAxjD3tr1JErD2V+XMQlsQcdMMFAjn2QNdYj//DmRZWUaQ7erkDl3leRmcojWqe0DNEvVcLhw3lVBbLqfWGiz7UF2ikpsJwIJx5lwnPm+ihG4wVKSgt5hmnxBu9RchsU4KcV5oKswX2oFKvDQ2xYdRByVuO6rjMEQ0+wYnpneNJbD5/OSTJEervqhBCeK/TcD3+AgCoSGeZWH3UpsG45XoW3QAGPzowrijoVoIjpgp/9fY+QOK8pIdP4oU6x/WcZdoM76hiT1t/ZQHqdeLbq+K1QuZZYLf/i6HcznH20rWWmO+BhNVJvTGeJ16f91jPqY4ict30lgfmzkIfTysaktRtOy2h0MpkD9JxP2ZOiw==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml2p:Status> <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /> </saml2p:Status> <saml2:Assertion ID="_a5770ec4-29ec-4c0a-86e4-97f5a7e4abb0" IssueInstant="2024-09-26T12:12:07.060Z" Version="2.0" > <saml2:Issuer>https://eid-connect.test.funktionstjanster.se/saml2/62b41ad31dbc33e6bb963f44</saml2:Issuer> <saml2:Subject> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_840460a08876f27d6f92dc2c4d5e94ed</saml2:NameID> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> <saml2:SubjectConfirmationData Address="85.119.130.113" InResponseTo="_1e4918edeca3909b15fd301648da48e3bcc2da3724" NotOnOrAfter="2024-09-26T12:28:47.060Z" Recipient="https://www.testaeid.se/saml/module.php/saml/sp/saml2-acs.php/default-sp" /> </saml2:SubjectConfirmation> </saml2:Subject> <saml2:Conditions NotBefore="2024-09-26T12:12:07.060Z" NotOnOrAfter="2024-09-26T12:28:47.060Z" > <saml2:AudienceRestriction> <saml2:Audience>https://www.testaeid.se/saml/module.php/saml/sp/metadata.php/default-sp</saml2:Audience> </saml2:AudienceRestriction> </saml2:Conditions> <saml2:AuthnStatement AuthnInstant="2024-09-26T12:12:07.060Z" SessionIndex="_a5770ec4-29ec-4c0a-86e4-97f5a7e4abb0" SessionNotOnOrAfter="2024-09-26T12:28:47.060Z" > <saml2:SubjectLocality Address="85.119.130.113" /> <saml2:AuthnContext> <saml2:AuthnContextClassRef>http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AuthnContextClassRef> </saml2:AuthnContext> </saml2:AuthnStatement> <saml2:AttributeStatement> <saml2:Attribute Name="LoginMethod"> <saml2:AttributeValue xsi:type="xsd:string">bankid.qr-start-token</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="Subject_SerialNumber"> <saml2:AttributeValue xsi:type="xsd:string">197802032388</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="Subject_Surname"> <saml2:AttributeValue xsi:type="xsd:string">Larsson</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="Subject_CommonName"> <saml2:AttributeValue xsi:type="xsd:string">Anna Larsson</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="Subject_GivenName"> <saml2:AttributeValue xsi:type="xsd:string">Anna</saml2:AttributeValue> </saml2:Attribute> </saml2:AttributeStatement> </saml2:Assertion> </saml2p:Response>

Logout Request

Observera att Logout Request inte per automatik fungerar hela vägen ut i IdP test. IdP:n vet inte var SLO-responsen skall skickas, men användaren blir ändå utloggad ur IdP:n. Skall hela SLO-flödet testas i IdP test måste test-SP konfigureras in speciellt i IdP test vilket normalt inte görs/ingår. I produktion konfigureras SLO normalt för varje SP.

...